diff options
| author | Robin Appelman <icewind@owncloud.com> | 2012-04-16 12:59:08 +0200 |
|---|---|---|
| committer | Robin Appelman <icewind@owncloud.com> | 2012-04-16 12:59:38 +0200 |
| commit | cfd0140e2faa250e6e90cbeb4ec2ca4dcceed2f4 (patch) | |
| tree | 5623f496ed61199ac64f8bceb0db04bf9b6b4758 /core | |
| parent | 3c182bdb351cd0f7938c9f9f022b44b4e530664d (diff) | |
| download | nextcloud-server-cfd0140e2faa250e6e90cbeb4ec2ca4dcceed2f4.tar.gz nextcloud-server-cfd0140e2faa250e6e90cbeb4ec2ca4dcceed2f4.zip | |
fix 2 potential xss problems
Diffstat (limited to 'core')
| -rw-r--r-- | core/templates/404.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/templates/404.php b/core/templates/404.php index 13a81010343..cd4f2b40bb2 100644 --- a/core/templates/404.php +++ b/core/templates/404.php @@ -10,6 +10,6 @@ if(!isset($_)){//also provide standalone error page <ul> <li class='error'> <?php echo $l->t( 'Cloud not found' ); ?><br/> - <p class='hint'><?php if(isset($_['file'])) echo $_['file']?></p> + <p class='hint'><?php if(isset($_['file'])) echo htmlentities($_['file'])?></p> </li> </ul> |