summaryrefslogtreecommitdiffstats
path: root/usr/local/www/load_balancer_virtual_server_edit.php
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2010-11-12 11:36:13 -0500
committerScott Ullrich <sullrich@pfsense.org>2010-11-12 11:36:20 -0500
commitdd5bf424c155922b065b45e64733bdf8de620c0f (patch)
tree1b22756ce120544141edc9d3f2159037b955c2bc /usr/local/www/load_balancer_virtual_server_edit.php
parent4656943e59eb19a534c06cc253e266da6c52e915 (diff)
downloadpfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.zip
pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.tar.gz
Fix XSS issues
Diffstat (limited to 'usr/local/www/load_balancer_virtual_server_edit.php')
-rwxr-xr-xusr/local/www/load_balancer_virtual_server_edit.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php
index 9118319..96a557c 100755
--- a/usr/local/www/load_balancer_virtual_server_edit.php
+++ b/usr/local/www/load_balancer_virtual_server_edit.php
@@ -167,7 +167,7 @@ document.observe("dom:loaded", function() {
});
// Go ahead and disable the relay stuff, we'll trigger
- updateRelay("<?=$pconfig['mode'];?>");
+ updateRelay("<?=htmlspecialchars($pconfig['mode']);?>");
});
@@ -231,7 +231,7 @@ document.observe("dom:loaded", function() {
<b><?=gettext("NOTE:"); ?></b> <?=gettext("Please add a pool on the Pools tab to use this feature."); ?>
<?php else: ?>
<select id="sitedown" name="sitedown">
- <option value=""<?=$pconfig['sitedown'] == '' ? ' selected' : ''?>><?=gettext("none"); ?></option>
+ <option value=""<?=htmlspecialchars($pconfig['sitedown']) == '' ? ' selected' : ''?>><?=gettext("none"); ?></option>
<?php
for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) {
$selected = "";
@@ -250,8 +250,8 @@ document.observe("dom:loaded", function() {
<tr align="left">
<td width="22%" valign="top" class="vncellreq">Mode</td>
<td width="78%" class="vtable" colspan="2">
- <input id="redirect_mode" type="radio" name="mode" value="redirect"<?=$pconfig['mode'] == 'redirect' ? ' checked="checked"': ''?>> Redirect
- <input id="relay_mode" type="radio" name="mode" value="relay"<?=$pconfig['mode'] == 'relay' ? ' checked="checked"': ''?>> Relay
+ <input id="redirect_mode" type="radio" name="mode" value="redirect"<?=htmlspecialchars($pconfig['mode']) == 'redirect' ? ' checked="checked"': ''?>> Redirect
+ <input id="relay_mode" type="radio" name="mode" value="relay"<?=htmlspecialchars($pconfig['mode']) == 'relay' ? ' checked="checked"': ''?>> Relay
<br>
</td>
OpenPOWER on IntegriCloud