diff options
author | jim-p <jimp@pfsense.org> | 2015-07-01 11:17:45 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-07-01 11:17:45 -0400 |
commit | 8bcc385b3a5325a04a1afd72f439a40c7faff098 (patch) | |
tree | 9b79e07d20676a1c50d85e6cb74390d1deafe51d /usr/local/www | |
parent | d6a94eda00a3df51f59ed893e6c0a7669d4ce563 (diff) | |
download | pfsense-8bcc385b3a5325a04a1afd72f439a40c7faff098.zip pfsense-8bcc385b3a5325a04a1afd72f439a40c7faff098.tar.gz |
Encode ca/cert descr in vpn_openvpn_client.php
Diffstat (limited to 'usr/local/www')
-rw-r--r-- | usr/local/www/vpn_openvpn_client.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 759aeae..7a06c70 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -812,7 +812,7 @@ if ($savemsg) { $selected = "selected=\"selected\""; } ?> - <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option> + <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option> <?php endforeach; ?> </select> <?php else: ?> @@ -832,7 +832,7 @@ if ($savemsg) { $revoked = ""; $ca = lookup_ca($cert['caref']); if ($ca) { - $caname = " (CA: {$ca['descr']})"; + $caname = " (CA: " . htmlspecialchars($ca['descr']) . ")"; } if ($pconfig['certref'] == $cert['refid']) { $selected = "selected=\"selected\""; @@ -844,7 +844,7 @@ if ($savemsg) { $revoked = " *Revoked"; } ?> - <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option> + <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=htmlspecialchars($cert['descr']) . $caname . $inuse . $revoked;?></option> <?php endforeach; ?> <option value="" <?PHP if (empty($pconfig['certref'])) echo "selected=\"selected\""; ?>>None (Username and/or Password required)</option> </select> |