diff options
| author | Carl Schwan <carl@carlschwan.eu> | 2022-08-31 21:15:02 +0200 |
|---|---|---|
| committer | Côme Chilliet <come.chilliet@nextcloud.com> | 2023-04-24 17:17:53 +0200 |
| commit | b1ec7ff51f2ca3278314beffce547b579a050559 (patch) | |
| tree | 4769007e50f4c173540d43f8bf94623856ed5cae /apps/dashboard | |
| parent | 4953296b9e87037b742a463018974f4cda76752a (diff) | |
| download | nextcloud-server-b1ec7ff51f2ca3278314beffce547b579a050559.tar.gz nextcloud-server-b1ec7ff51f2ca3278314beffce547b579a050559.zip | |
Add missing taint analysis docblock comments, and improve escaping in some methods
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'apps/dashboard')
| -rw-r--r-- | apps/dashboard/lib/Controller/LayoutApiController.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/dashboard/lib/Controller/LayoutApiController.php b/apps/dashboard/lib/Controller/LayoutApiController.php index 755470b7b07..8eb01be497e 100644 --- a/apps/dashboard/lib/Controller/LayoutApiController.php +++ b/apps/dashboard/lib/Controller/LayoutApiController.php @@ -31,7 +31,6 @@ use OCP\IConfig; use OCP\IRequest; class LayoutApiController extends OCSController { - /** @var IConfig */ private $config; /** @var string */ @@ -56,6 +55,7 @@ class LayoutApiController extends OCSController { * @return JSONResponse */ public function create(string $layout): JSONResponse { + $layout = htmlspecialchars($layout); $this->config->setUserValue($this->userId, 'dashboard', 'layout', $layout); return new JSONResponse(['layout' => $layout]); } |