upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-19 16:39:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 13

xss vulnerabilities fixed

Browse source
This commit is contained in:
Bjoern Schiessle 2012-06-22 14:11:57 +02:00
parent 033d372f98
commit e1fa9c282b
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apps/gallery/lib/tiles.php
View file

@ -168,7 +168,7 @@ class TileStack extends TileBase {
}
public function getOnClickAction() {
return 'javascript:openNewGal(\''.$this->stack_name.'\');';
return 'javascript:openNewGal(\''.\OCP\Util::sanitizeHTML($this->stack_name).'\');';
}
private $tiles_array;

2
apps/gallery/templates/index.php
View file

@ -1,6 +1,6 @@
<script type="text/javascript">
var root = "<?php echo $_['root']; ?>";
var root = "<?php echo OCP\Util::sanitizeHTML($_['root']); ?>";
$(document).ready(function() {
$("a[rel=images]").fancybox({