diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:36:13 -0500 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2010-11-12 11:36:20 -0500 |
commit | dd5bf424c155922b065b45e64733bdf8de620c0f (patch) | |
tree | 1b22756ce120544141edc9d3f2159037b955c2bc /usr/local/www/system_certmanager.php | |
parent | 4656943e59eb19a534c06cc253e266da6c52e915 (diff) | |
download | pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.zip pfsense-dd5bf424c155922b065b45e64733bdf8de620c0f.tar.gz |
Fix XSS issues
Diffstat (limited to 'usr/local/www/system_certmanager.php')
-rw-r--r-- | usr/local/www/system_certmanager.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index a3395c9..36a11bb 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -457,7 +457,7 @@ function internalca_change() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td> <td width="78%" class="vtable"> - <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea> + <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea> <br> <?=gettext("Paste a certificate in X.509 PEM format here.");?></td> </td> @@ -465,7 +465,7 @@ function internalca_change() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Private key data");?></td> <td width="78%" class="vtable"> - <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea> + <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['key']);?></textarea> <br> <?=gettext("Paste a private key in X.509 PEM format here.");?></td> </td> @@ -758,7 +758,7 @@ function internalca_change() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Request data");?></td> <td width="78%" class="vtable"> - <textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=$pconfig['csr'];?></textarea> + <textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=htmlspecialchars($pconfig['csr']);?></textarea> <br> <?=gettext("Copy the certificate signing data from here and forward it to your certificate authority for signing.");?></td> </td> @@ -766,7 +766,7 @@ function internalca_change() { <tr> <td width="22%" valign="top" class="vncellreq"><?=gettext("Final Certificate data");?></td> <td width="78%" class="vtable"> - <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea> + <textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea> <br> <?=gettext("Paste the certificate received from your cerificate authority here.");?></td> </td> |