author | Robin Appelman <icewind@owncloud.com> | 2012-04-16 12:59:08 +0200 |
---|---|---|
committer | Robin Appelman <icewind@owncloud.com> | 2012-04-16 12:59:38 +0200 |
commit | cfd0140e2faa250e6e90cbeb4ec2ca4dcceed2f4 (patch) | |
tree | 5623f496ed61199ac64f8bceb0db04bf9b6b4758 /files | |
parent | 3c182bdb351cd0f7938c9f9f022b44b4e530664d (diff) | |
fix 2 potential xss problems
Diffstat (limited to 'files')
-rw-r--r-- | files/templates/index.php | 2 | ||||
-rw-r--r-- | files/templates/part.breadcrumb.php | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/files/templates/index.php b/files/templates/index.php
index f423b96ba1e..639bdeaead8 100644
--- a/files/templates/index.php
+++ b/files/templates/index.php
@@ -15,7 +15,7 @@
 <form data-upload-id='1' class="file_upload_form" action="ajax/upload.php" method="post" enctype="multipart/form-data" target="file_upload_target_1">
 <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
 <input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
- <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
+ <input type="hidden" name="dir" value="<?php echo htmlentities($_['dir']) ?>" id="dir">
 <button class="file_upload_filename"> <img class='svg action' alt="Upload" src="<?php echo image_path("core", "actions/upload.svg"); ?>" /></button>
 <input class="file_upload_start" type="file" name='files[]'/>
 <a href="#" class="file_upload_button_wrapper" onclick="return false;" title="<?php echo $l->t('Upload'); echo ' max. '.$_['uploadMaxHumanFilesize'] ?>"></a>
diff --git a/files/templates/part.breadcrumb.php b/files/templates/part.breadcrumb.php
index ab81cc5c039..16da6bb97b4 100644
--- a/files/templates/part.breadcrumb.php
+++ b/files/templates/part.breadcrumb.php
@@ -1,6 +1,6 @@
 <?php for($i=0; $i<count($_["breadcrumb"]); $i++):
 $crumb = $_["breadcrumb"][$i]; ?>
 <div class="crumb <?php if($i == count($_["breadcrumb"])-1) echo 'last';?> svg" data-dir='<?php echo $crumb["dir"];?>' style='background-image:url("<?php echo image_path('core','breadcrumb.png');?>")'>
- <a href="<?php echo $_['baseURL'].$crumb["dir"]; ?>"><?php echo htmlentities($crumb["name"]); ?></a>
+ <a href="<?php echo $_['baseURL'].$crumb["dir"]; ?>"><?php echo htmlentities($crumb["name"]); ?></a>
 </div>
 <?php endfor;?>
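Review bot: In files/templates/index.php the new `htmlentities($_['dir'])` on the hidden `dir` input relies on the default flags and charset, which leaves the escaping dependent on the PHP version and on the attribute's quote style. With the default `ENT_COMPAT` a single quote is not encoded, so the output is only safe while the attribute stays double-quoted. On PHP older than 5.4 the default charset is ISO-8859-1, so a UTF-8 directory name would be rewritten into the wrong entities and the form would post back a different path. I would spell both out: `<?php echo htmlspecialchars($_['dir'], ENT_QUOTES, 'UTF-8') ?>`. The `uploadMaxFilesize` and `uploadMaxHumanFilesize` echoes in the same form are still raw; that is fine only if they come purely from server configuration, which this hunk does not show.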
\ No newline at end of file |
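Review bot: `$crumb["dir"]` is still echoed without encoding twice in files/templates/part.breadcrumb.php, in the single-quoted `data-dir` attribute and in the `href` on the changed line, so the breadcrumb keeps an unescaped sink that this commit does not touch. The one edit here swaps `htmlspecialchars` for `htmlentities` on `$crumb["name"]`, which was already escaped for element content, so it adds no XSS protection. Because `data-dir` uses single quotes, the call needs `ENT_QUOTES`: `data-dir='<?php echo htmlspecialchars($crumb["dir"], ENT_QUOTES, 'UTF-8');?>'`, and the same wrapping around `$_['baseURL'].$crumb["dir"]` in the `href`. Whether `$crumb["dir"]` is derived from request input is not visible in this hunk, so confirm where the breadcrumb array is built.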