summaryrefslogtreecommitdiffstats
path: root/core/ajax
diff options
context:
space:
mode:
authorBart Visscher <bartv@thisnet.nl>2013-02-09 15:03:47 +0100
committerBart Visscher <bartv@thisnet.nl>2013-02-09 15:10:40 +0100
commit9dddcae9ca3dcf872893e36e2f478ebecafdc6e2 (patch)
tree161ce14d97ef95699266ead95da5f5f2bd97fb68 /core/ajax
parent12bdc6ddb6021f772e8e6364eee89f1406ee3d7d (diff)
downloadnextcloud-server-9dddcae9ca3dcf872893e36e2f478ebecafdc6e2.tar.gz
nextcloud-server-9dddcae9ca3dcf872893e36e2f478ebecafdc6e2.zip
Remove invalid characters from app id to prevent loading of invalid resources
Diffstat (limited to 'core/ajax')
-rw-r--r--core/ajax/translations.php1
1 files changed, 1 insertions, 0 deletions
diff --git a/core/ajax/translations.php b/core/ajax/translations.php
index e22cbad4708..e52a2e9b1e8 100644
--- a/core/ajax/translations.php
+++ b/core/ajax/translations.php
@@ -22,6 +22,7 @@
*/
$app = $_POST["app"];
+$app = OC_App::cleanAppId($app);
$l = OC_L10N::get( $app );
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-03 03:47:20 +0000