diff options
author | jim-p <jimp@pfsense.org> | 2016-08-22 12:29:39 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2016-08-22 12:29:39 -0400 |
commit | d2466ce6f5f45300ebeccea93ef4b7c35f8e1f02 (patch) | |
tree | 4f7b68f91b8a729e8c79307f707e2f362f2e9684 /src/usr/local/www | |
parent | 9c6f780f668ea0a93fc6e60e5aca8ead4661a0e3 (diff) | |
download | pfsense-d2466ce6f5f45300ebeccea93ef4b7c35f8e1f02.zip pfsense-d2466ce6f5f45300ebeccea93ef4b7c35f8e1f02.tar.gz |
Add output encoding to diag_dns.php for results returned from DNS. Fixes #6737
Diffstat (limited to 'src/usr/local/www')
-rw-r--r-- | src/usr/local/www/diag_dns.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/usr/local/www/diag_dns.php b/src/usr/local/www/diag_dns.php index 17064d7..8f1c841 100644 --- a/src/usr/local/www/diag_dns.php +++ b/src/usr/local/www/diag_dns.php @@ -224,8 +224,8 @@ if (($_POST['host']) && ($_POST['dialog_output'])) { function display_host_results ($address, $hostname, $dns_speeds) { $map_lengths = function($element) { return strlen($element[0]); }; - echo gettext("IP Address") . ": {$address} \n"; - echo gettext("Host Name") . ": {$hostname} \n"; + echo gettext("IP Address") . ": " . htmlspecialchars($address) . " \n"; + echo gettext("Host Name") . ": " . htmlspecialchars($hostname) . " \n"; echo "\n"; $text_table = array(); $text_table[] = array(gettext("Server"), gettext("Query Time")); @@ -310,7 +310,7 @@ if (!$input_errors && $type) { <tbody> <?php foreach ((array)$resolved as $hostitem):?> <tr> - <td><?=$hostitem['data']?></td><td><?=$hostitem['type']?></td> + <td><?=htmlspecialchars($hostitem['data'])?></td><td><?=htmlspecialchars($hostitem['type'])?></td> </tr> <?php endforeach; ?> </tbody> @@ -334,7 +334,7 @@ if (!$input_errors && $type) { <tbody> <?php foreach ((array)$dns_speeds as $qt):?> <tr> - <td><?=$qt['dns_server']?></td><td><?=$qt['query_time']?></td> + <td><?=htmlspecialchars($qt['dns_server'])?></td><td><?=htmlspecialchars($qt['query_time'])?></td> </tr> <?php endforeach; ?> </tbody> |