author | Renato Botelho <garga@FreeBSD.org> | 2014-11-18 11:54:52 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-11-18 11:54:52 -0200 |
commit | ae38cb75cc27ba0eab34fea45a31df1343de5519 (patch) | |
tree | 952439caf606c69b112f0b6605eaccac99dbc01e /usr/local | |
parent | 4b40d03612e47fc07433c1d722802f01f50e991f (diff) | |
download | pfsense-ae38cb75cc27ba0eab34fea45a31df1343de5519.zip pfsense-ae38cb75cc27ba0eab34fea45a31df1343de5519.tar.gz |
Pass path parameter through htmlspecialchars()
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/edit.php b/usr/local/www/edit.php
index 9dae23d..403cf8e 100644
--- a/usr/local/www/edit.php
+++ b/usr/local/www/edit.php
@@ -241,7 +241,7 @@ outputJavaScriptFileInline("javascript/base64.js");
 <?php if($_GET['action'] == "load"): ?>
 jQuery(window).load(
 function() {
- jQuery("#fbTarget").val("<?=$_GET['path'];?>");
+ jQuery("#fbTarget").val("<?=htmlspecialchars($_GET['path']);?>");
 loadFile();
 }
 );
 |
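Review bot: On the added `.val(...)` line, `htmlspecialchars()` is an HTML encoder, but the value is written into a JavaScript string literal, so the encoding does not match the output context. With default flags it neutralises `"`, `<`, `>` and `&`, but leaves backslashes and line breaks untouched, so the literal can still be malformed. It also means a legitimate path containing `&` reaches the field as `&amp;`, assuming this sits inside a `<script>` block, which the hunk does not show. Emitting the whole literal with a JavaScript-aware encoder would cover both cases: `jQuery("#fbTarget").val(<?=json_encode($_GET['path'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);?>);`. The enclosing `if`/script block starts and ends outside the hunk, so whether `path` is validated server-side before `loadFile()` uses it should be confirmed separately.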