diff options
Diffstat (limited to 'apps/impress/player.php')
| -rwxr-xr-x | apps/impress/player.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/impress/player.php b/apps/impress/player.php index 12497de54c1..cd534757fb4 100755 --- a/apps/impress/player.php +++ b/apps/impress/player.php @@ -26,8 +26,8 @@ require_once('lib/impress.php'); // Check if we are a user OCP\User::checkLoggedIn(); -$filename = strip_tags($_GET['file']); -$title = strip_tags($_GET['name']); +$filename = OCP\Util::sanitizeHTML($_GET['file']); +$title = OCP\Util::sanitizeHTML($_GET['name']); if(!OC_Filesystem::file_exists($filename)){ header("HTTP/1.0 404 Not Found"); |