Harden XSS escaping

This could lead to XSS if the html attribute values weren't quoted with double quotes. By default htmlentities only encodes double quotes and not single quotes. If the quotes are ever changed this could lead to exploitable XSS. Signed-off-by: Florian Pritz <bluewind@xinu.at>
author: Florian Pritz <bluewind@xinu.at> 2016-06-17 00:12:43 +0200
committer: Florian Pritz <bluewind@xinu.at> 2016-07-04 07:58:15 +0200
commit: 21b263a88550d1da199a13d215ea1477d603b75a (patch)
tree: 862efb7ac1bca22c9c9b941ed1eef172ebc232a2 /application/views/file/fragments/thumbnail.php
parent: aca5b6c6362c415df501f76ef170794e77522242 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/application/views/file/fragments/thumbnail.php b/application/views/file/fragments/thumbnail.php
index 7cbebe7fe..7fad5575f 100644
--- a/application/views/file/fragments/thumbnail.php
+++ b/application/views/file/fragments/thumbnail.php
@@ -12,8 +12,8 @@ if (substr($base_url, -1) !== "/") {
 			<?php if (strpos($item["mimetype"], "image/") === 0) {?>rel="gallery" class="colorbox"<?php } ?>
 			data-orientation="<?php echo $item["orientation"]; ?>"
 			href="<?php echo $base_url.$item["id"]."/"; ?>"
-			title="<?php echo htmlentities($item["filename"]); ?>"
-			data-content="<?php echo htmlentities($item["tooltip"]); ?>"
+			title="<?php echo htmlentities($item["filename"], ENT_QUOTES); ?>"
+			data-content="<?php echo htmlentities($item["tooltip"], ENT_QUOTES); ?>"
 			data-id="<?php echo $item["id"]; ?>"><!--
 			--><img	class="thumb lazyload"
 				data-original="<?php echo $base_url."file/thumbnail/".$item["id"]; ?>"
author	Florian Pritz <bluewind@xinu.at>	2016-06-17 00:12:43 +0200
committer	Florian Pritz <bluewind@xinu.at>	2016-07-04 07:58:15 +0200
commit	21b263a88550d1da199a13d215ea1477d603b75a (patch)
tree	862efb7ac1bca22c9c9b941ed1eef172ebc232a2 /application/views/file/fragments/thumbnail.php
parent	aca5b6c6362c415df501f76ef170794e77522242 (diff)