diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2014-11-18 11:54:52 -0200 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2014-11-18 12:03:25 -0200 |
| commit | a8c82ef9559b21432be7e3c225ed6f0e6a3bb9ca (patch) | |
| tree | 73d00f4fd71a67f5065509190f6d91c871f2de43 | |
| parent | f376043cf3d29af7600776e38930c80cac5d5963 (diff) | |
| download | pfsense-a8c82ef9559b21432be7e3c225ed6f0e6a3bb9ca.zip pfsense-a8c82ef9559b21432be7e3c225ed6f0e6a3bb9ca.tar.gz | |
Pass path parameter through htmlpecialchars()
| -rw-r--r-- | usr/local/www/edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/edit.php b/usr/local/www/edit.php index f700fcf..f83c937 100644 --- a/usr/local/www/edit.php +++ b/usr/local/www/edit.php @@ -229,7 +229,7 @@ outputJavaScriptFileInline("javascript/base64.js"); <?php if($_GET['action'] == "load"): ?> jQuery(window).load( function() { - jQuery("#fbTarget").val("<?=$_GET['path'];?>"); + jQuery("#fbTarget").val("<?=htmlspecialchars($_GET['path']);?>"); loadFile(); } ); |
