Sanitize HTML

author: Lukas Reschke <lukas@statuscode.ch> 2013-02-14 18:15:14 +0100
committer: Lukas Reschke <lukas@statuscode.ch> 2013-02-14 18:15:14 +0100
commit: c7094197bfe4b6702397e147847ef9cfd8d21b63 (patch)
tree: 5d2503797a873156b1f700cf041f0247c31867dd /core/templates
parent: f4c9d4c06797a5c9e2f30d20a8e13686e98dd7f9 (diff)
download: nextcloud-server-c7094197bfe4b6702397e147847ef9cfd8d21b63.tar.gz
nextcloud-server-c7094197bfe4b6702397e147847ef9cfd8d21b63.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php
index c8b580b5fd9..38aa31be32b 100644
--- a/core/templates/layout.user.php
+++ b/core/templates/layout.user.php
@@ -31,7 +31,7 @@
 
 			<ul id="settings" class="svg">
 				<span id="expand">
-					<?php echo OCP\User::getDisplayName($user=null)?OCP\User::getDisplayName($user=null):(OC_User::getUser()?OC_User::getUser():'') ?>
+					<?php echo OCP\User::getDisplayName($user=null)?OC_Util::sanitizeHTML(OCP\User::getDisplayName($user=null)):(OC_User::getUser()?OC_User::getUser():'') ?>
 					<img class="svg" src="<?php echo image_path('', 'actions/caret.svg'); ?>" />
 				</span>
 				<div id="expanddiv">
author	Lukas Reschke <lukas@statuscode.ch>	2013-02-14 18:15:14 +0100
committer	Lukas Reschke <lukas@statuscode.ch>	2013-02-14 18:15:14 +0100
commit	c7094197bfe4b6702397e147847ef9cfd8d21b63 (patch)
tree	5d2503797a873156b1f700cf041f0247c31867dd /core/templates
parent	f4c9d4c06797a5c9e2f30d20a8e13686e98dd7f9 (diff)
download	nextcloud-server-c7094197bfe4b6702397e147847ef9cfd8d21b63.tar.gz nextcloud-server-c7094197bfe4b6702397e147847ef9cfd8d21b63.zip