| author | Florian Pritz <bluewind@xinu.at> | 2016-06-17 00:12:43 +0200 |
|---|---|---|
| committer | Florian Pritz <bluewind@xinu.at> | 2016-07-04 07:58:15 +0200 |
| commit | 21b263a88550d1da199a13d215ea1477d603b75a | |
| tree | 862efb7ac1bca22c9c9b941ed1eef172ebc232a2 /application/views/file/upload_history.php | |
| parent | aca5b6c6362c415df501f76ef170794e77522242 | |
Harden XSS escaping
This could lead to XSS if the html attribute values weren't quoted with
double quotes. By default htmlentities only encodes double quotes and
not single quotes. If the quotes are ever changed this could lead to
exploitable XSS.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
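The escaping difference the commit message describes, as an added example (not code from the commit or from the project): the default `htmlentities()` flags leave a single quote untouched, `ENT_QUOTES` encodes both quote styles, and a small template helper (the name `e` is assumed here, not the project's) makes the choice of flags and charset a single decision instead of one per call site.

```php
<?php
// Added example, not part of the commit. Demonstrates why the default
// htmlentities() flags are not enough once attribute quoting may change.

// Constructed sample value standing in for $item['preview_text'].
$preview = "it's <b>bold</b> \"quoted\"";

// Default flags (ENT_COMPAT | ENT_HTML401): encodes < > & and the double
// quote, but lets a single quote through unchanged.
$default = htmlentities($preview);

// ENT_QUOTES: encodes single and double quotes, so the value cannot
// terminate either a double- or a single-quoted attribute.
$quotes = htmlentities($preview, ENT_QUOTES, 'UTF-8');

// One escaping helper for templates (hypothetical name). ENT_SUBSTITUTE
// replaces invalid UTF-8 sequences with U+FFFD instead of making the
// function return an empty string, and the charset is stated explicitly
// rather than inherited from default_charset.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// After escaping with ENT_QUOTES no raw quote or angle bracket remains,
// which is the property the attribute context actually needs.
assert(strpbrk($quotes, "'\"<>") === false);
assert(strpbrk(e($preview), "'\"<>") === false);

printf("default:    %s\n", $default);
printf("ENT_QUOTES: %s\n", $quotes);
printf("helper:     %s\n", e($preview));

// Same helper output is safe in both attribute quoting styles.
printf('<a data-content="%s">x</a>' . "\n", e($preview));
printf("<a data-content='%s'>x</a>\n", e($preview));
```

Run with `php example.php` (with `zend.assertions=1` if the assertions should be evaluated). The `default:` line still contains the literal `'`, which is the gap the commit closes for `preview_text`; the helper form is what a reviewer would expect to see applied across the whole template rather than at one call site.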
Diffstat (limited to 'application/views/file/upload_history.php')
-rw-r--r-- | application/views/file/upload_history.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/application/views/file/upload_history.php b/application/views/file/upload_history.php index 7d46efe3a..060cd25c3 100644 --- a/application/views/file/upload_history.php +++ b/application/views/file/upload_history.php @@ -16,7 +16,7 @@ <?php foreach($items as $key => $item): ?> <tr> <td><input type="checkbox" name="ids[<?php echo $item["id"] ?>]" value="<?php echo $item["id"] ?>" class="delete-history"></td> - <td><a href="<?php echo site_url("/".$item["id"]) ?>/" data-content="<?php if (isset($item['preview_text'])) {echo htmlentities($item['preview_text']);} ?>"><?php echo $item["id"] ?></a></td> + <td><a href="<?php echo site_url("/".$item["id"]) ?>/" data-content="<?php if (isset($item['preview_text'])) {echo htmlentities($item['preview_text'], ENT_QUOTES);} ?>"><?php echo $item["id"] ?></a></td> <td class="wrap"><?php echo htmlspecialchars($item["filename"]); ?></td> <td><?php echo $item["mimetype"] ?></td> <td class="nowrap" data-sort-value="<?=$item["date"]; ?>"><?php echo date("r", $item["date"]); ?></td> |
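Review bot: `ENT_QUOTES` is added only to the `preview_text` call, while the other interpolations in the same `<tr>` stay on weaker escaping or none: `htmlspecialchars($item["filename"])` still uses the default flags (a single quote passes through), and `$item["id"]` in `name="ids[...]"` and `value="..."` and `$item["mimetype"]` are echoed with no escaping at all. The commit message's own argument, that the attribute quoting style may change later, applies to every one of these attributes, so consider routing all of them through a single helper that wraps `htmlspecialchars` with `ENT_QUOTES | ENT_SUBSTITUTE` and an explicit `'UTF-8'` charset; `ENT_SUBSTITUTE` also stops `htmlentities()` from returning an empty string when a user-supplied preview contains invalid UTF-8, which would otherwise silently blank the attribute.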