summaryrefslogtreecommitdiffstats
path: root/usr/local/www
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2015-07-01 11:19:50 -0400
committerjim-p <jimp@pfsense.org>2015-07-01 11:19:50 -0400
commit28bb81784f0ba3e147b1d78224b0a43d6675e714 (patch)
treee538d111840e7bad4ce689324d6db1e5793be6f7 /usr/local/www
parent8bcc385b3a5325a04a1afd72f439a40c7faff098 (diff)
downloadpfsense-28bb81784f0ba3e147b1d78224b0a43d6675e714.zip
pfsense-28bb81784f0ba3e147b1d78224b0a43d6675e714.tar.gz
Encode ca/cert descr in vpn_openvpn_server.php
Diffstat (limited to 'usr/local/www')
-rw-r--r--usr/local/www/vpn_openvpn_server.php10
1 files changed, 5 insertions, 5 deletions
diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php
index 7688fa8..a7ff4ce 100644
--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -1052,7 +1052,7 @@ if ($savemsg) {
$selected = "selected=\"selected\"";
}
?>
- <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
+ <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option>
<?php endforeach; ?>
</select>
<?php else: ?>
@@ -1072,13 +1072,13 @@ if ($savemsg) {
$caname = "";
$ca = lookup_ca($crl['caref']);
if ($ca) {
- $caname = " (CA: {$ca['descr']})";
+ $caname = " (CA: " . htmlspecialchars($ca['descr']) . ")";
if ($pconfig['crlref'] == $crl['refid']) {
$selected = "selected=\"selected\"";
}
}
?>
- <option value="<?=$crl['refid'];?>" <?=$selected;?>><?=$crl['descr'] . $caname;?></option>
+ <option value="<?=$crl['refid'];?>" <?=$selected;?>><?=htmlspecialchars($crl['descr']) . $caname;?></option>
<?php endforeach; ?>
</select>
<?php else: ?>
@@ -1099,7 +1099,7 @@ if ($savemsg) {
$revoked = "";
$ca = lookup_ca($cert['caref']);
if ($ca) {
- $caname = " (CA: {$ca['descr']})";
+ $caname = " (CA: " . htmlspecialchars($ca['descr']) . ")";
}
if ($pconfig['certref'] == $cert['refid']) {
$selected = "selected=\"selected\"";
@@ -1111,7 +1111,7 @@ if ($savemsg) {
$revoked = " *Revoked";
}
?>
- <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
+ <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=htmlspecialchars($cert['descr']) . $caname . $inuse . $revoked;?></option>
<?php endforeach; ?>
</select>
<?php else: ?>
OpenPOWER on IntegriCloud