XSS fix.

author Thomas Tanghus <thomas@tanghus.net>

Mon, 25 Jun 2012 03:03:30 +0000 (05:03 +0200)

committer Thomas Tanghus <thomas@tanghus.net>

Mon, 25 Jun 2012 03:03:30 +0000 (05:03 +0200)
author Thomas Tanghus <thomas@tanghus.net>
Mon, 25 Jun 2012 03:03:30 +0000 (05:03 +0200)
committer Thomas Tanghus <thomas@tanghus.net>
Mon, 25 Jun 2012 03:03:30 +0000 (05:03 +0200)
diff --git a/settings/templates/apps.php b/settings/templates/apps.php

index b9beedca151c083f0497d8168e6bb63c0a545772..6edaf6c584871d4421538f934b23bae6cd819185 100644 (file)
--- a/settings/templates/apps.php
+++ b/settings/templates/apps.php
@@ -12,7 +12,7 @@
  <ul id="leftcontent">
         <?php foreach($_['apps'] as $app):?>
         <li <?php if($app['active']) echo 'class="active"'?> data-id="<?php echo $app['id'] ?>">
-               <a href="?appid=<?php echo $app['id'] ?>"><?php  echo $app['name'] ?></a>
+               <a href="?appid=<?php echo $app['id'] ?>"><?php  echo htmlentities($app['name']) ?></a>
                 <span class="hidden">
                         <?php OC_JSON::encodedPrint($app,false) ?>
                 </span>
author	Thomas Tanghus <thomas@tanghus.net>
	Mon, 25 Jun 2012 03:03:30 +0000 (05:03 +0200)
committer	Thomas Tanghus <thomas@tanghus.net>
	Mon, 25 Jun 2012 03:03:30 +0000 (05:03 +0200)