summaryrefslogtreecommitdiffstats
path: root/usr/local/www/widgets/widgets/services_status.widget.php
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2014-06-17 15:13:42 -0300
committerRenato Botelho <garga@FreeBSD.org>2014-06-17 15:13:42 -0300
commitce9d5d7255919b47abf28314dbe6eaa2769a92e4 (patch)
tree0fa5e16a920ef2960b86362179180a65ffce6110 /usr/local/www/widgets/widgets/services_status.widget.php
parent860b102acbdb8f7ea702c2f63c5216904428cf1d (diff)
downloadpfsense-ce9d5d7255919b47abf28314dbe6eaa2769a92e4.zip
pfsense-ce9d5d7255919b47abf28314dbe6eaa2769a92e4.tar.gz
Protect servicestatusfilter parameter with htmlspecialchars()
Diffstat (limited to 'usr/local/www/widgets/widgets/services_status.widget.php')
-rw-r--r--usr/local/www/widgets/widgets/services_status.widget.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/widgets/widgets/services_status.widget.php b/usr/local/www/widgets/widgets/services_status.widget.php
index ee8d521..86fa7f3 100644
--- a/usr/local/www/widgets/widgets/services_status.widget.php
+++ b/usr/local/www/widgets/widgets/services_status.widget.php
@@ -41,7 +41,7 @@ require_once("/usr/local/www/widgets/include/services_status.inc");
$services = get_services();
if(isset($_POST['servicestatusfilter'])) {
- $config['widgets']['servicestatusfilter'] = $_POST['servicestatusfilter'];
+ $config['widgets']['servicestatusfilter'] = htmlspecialchars($_POST['servicestatusfilter'], ENT_QUOTES | ENT_HTML401);
write_config("Saved Service Status Filter via Dashboard");
header("Location: ../../index.php");
}
OpenPOWER on IntegriCloud