diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-08-09 22:14:09 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-08-09 22:14:09 +0200 |
| commit | 5f5136643562e53460af557efbb6f3c0a2a6fc80 (patch) | |
| tree | abffc4f4558cdf34e91667ff578f4b459515965c /apps | |
| parent | 7780e37f380277237b31160ae9bbcb41528c6835 (diff) | |
| download | nextcloud-server-5f5136643562e53460af557efbb6f3c0a2a6fc80.tar.gz nextcloud-server-5f5136643562e53460af557efbb6f3c0a2a6fc80.zip | |
Sanitzing user input
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/gallery/sharing.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/gallery/sharing.php b/apps/gallery/sharing.php index 44fcd9c864b..af3e553e454 100644 --- a/apps/gallery/sharing.php +++ b/apps/gallery/sharing.php @@ -37,7 +37,7 @@ OCP\App::checkAppEnabled('gallery'); <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js" type="text/javascript"></script> <script src="js/sharing.js" type="text/javascript"></script> <script> - var TOKEN = '<?php echo $_GET['token']; ?>'; + var TOKEN = '<?php echo htmlentities($_GET['token']); ?>'; </script> </head> <body> |