mirror of
https://github.com/nextcloud/server.git
synced 2024-07-25 13:54:59 +02:00
Escape the data only in the template
This commit is contained in:
parent
8e5bbace71
commit
3e3c039292
@ -323,14 +323,14 @@ class OC_Util {
|
||||
$parameters[$value] = true;
|
||||
}
|
||||
if (!empty($_POST['user'])) {
|
||||
$parameters["username"] = OC_Util::sanitizeHTML($_POST['user']).'"';
|
||||
$parameters["username"] = $_POST['user'];
|
||||
$parameters['user_autofocus'] = false;
|
||||
} else {
|
||||
$parameters["username"] = '';
|
||||
$parameters['user_autofocus'] = true;
|
||||
}
|
||||
if (isset($_REQUEST['redirect_url'])) {
|
||||
$redirect_url = OC_Util::sanitizeHTML($_REQUEST['redirect_url']);
|
||||
$redirect_url = $_REQUEST['redirect_url'];
|
||||
$parameters['redirect_url'] = urlencode($redirect_url);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user