diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2014-08-28 09:36:18 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2014-08-28 09:36:18 +0200 |
| commit | 2f76117cb804e7e18d2d3bc8b072e18a7c09f43c (patch) | |
| tree | f357480c8b7c8105c0d7eb10c6c3c911615867e4 | |
| parent | 1b342a70d69d45a2dc656bb2ffa8a9b5484e4aef (diff) | |
| parent | 9ab62ad5b787d44238c842f633fc950918aaa796 (diff) | |
| download | nextcloud-server-2f76117cb804e7e18d2d3bc8b072e18a7c09f43c.tar.gz nextcloud-server-2f76117cb804e7e18d2d3bc8b072e18a7c09f43c.zip | |
Merge pull request #10670 from owncloud/encodeExceptions
Escape error messages
| -rw-r--r-- | lib/private/template.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/private/template.php b/lib/private/template.php index eaa58b769d7..173345cc001 100644 --- a/lib/private/template.php +++ b/lib/private/template.php @@ -272,19 +272,19 @@ class OC_Template extends \OC\Template\Base { if (defined('DEBUG') and DEBUG) { $hint = $exception->getTraceAsString(); if (!empty($hint)) { - $hint = '<pre>'.$hint.'</pre>'; + $hint = '<pre>'.OC_Util::sanitizeHTML($hint).'</pre>'; } while (method_exists($exception, 'previous') && $exception = $exception->previous()) { $error_msg .= '<br/>Caused by:' . ' '; if ($exception->getCode()) { - $error_msg .= '['.$exception->getCode().'] '; + $error_msg .= '['.OC_Util::sanitizeHTML($exception->getCode()).'] '; } - $error_msg .= $exception->getMessage(); + $error_msg .= OC_Util::sanitizeHTML($exception->getMessage()); }; } else { $hint = ''; if ($exception instanceof \OC\HintException) { - $hint = $exception->getHint(); + $hint = OC_Util::sanitizeHTML($exception->getHint()); } } self::printErrorPage($error_msg, $hint); |