diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-08-09 22:14:48 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-08-09 22:14:48 +0200 |
| commit | aae17d4ae87085a024d637bc836ba2bd226b32ce (patch) | |
| tree | 14aa33316951131d7777f3a28e445c4ca96267f3 | |
| parent | a366ba4c0c6cebb1e703bdc3777b71a4bb766281 (diff) | |
| download | nextcloud-server-aae17d4ae87085a024d637bc836ba2bd226b32ce.tar.gz nextcloud-server-aae17d4ae87085a024d637bc836ba2bd226b32ce.zip | |
Sanitize user input
| -rw-r--r-- | apps/gallery/sharing.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/gallery/sharing.php b/apps/gallery/sharing.php index 44fcd9c864b..a9683c02067 100644 --- a/apps/gallery/sharing.php +++ b/apps/gallery/sharing.php @@ -37,7 +37,7 @@ OCP\App::checkAppEnabled('gallery'); <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js" type="text/javascript"></script> <script src="js/sharing.js" type="text/javascript"></script> <script> - var TOKEN = '<?php echo $_GET['token']; ?>'; + var TOKEN = '<?php htmlentities(echo $_GET['token']); ?>'; </script> </head> <body> |