diff options
author | jim-p <jimp@pfsense.org> | 2015-07-01 11:16:25 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-07-01 11:16:25 -0400 |
commit | f7ca96741d67a0719da213d410cf17e4437619f4 (patch) | |
tree | f254eb156b74526f50c7b76165a3db6eca8f3a83 /usr/local | |
parent | f9e80e5d657f6d67bb63411809564cb7f95eb8ff (diff) | |
download | pfsense-f7ca96741d67a0719da213d410cf17e4437619f4.zip pfsense-f7ca96741d67a0719da213d410cf17e4437619f4.tar.gz |
Encode ca/cert descr in vpn_openvpn_client.php
Diffstat (limited to 'usr/local')
-rw-r--r-- | usr/local/www/vpn_openvpn_client.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 7ec74ce..1c2652a 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -758,7 +758,7 @@ if ($savemsg) if ($pconfig['caref'] == $ca['refid']) $selected = "selected=\"selected\""; ?> - <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option> + <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option> <?php endforeach; ?> </select> <?php else: ?> @@ -778,7 +778,7 @@ if ($savemsg) $revoked = ""; $ca = lookup_ca($cert['caref']); if ($ca) - $caname = " (CA: {$ca['descr']})"; + $caname = " (CA: " . htmlspecialchars($ca['descr']) . ")"; if ($pconfig['certref'] == $cert['refid']) $selected = "selected=\"selected\""; if (cert_in_use($cert['refid'])) @@ -786,7 +786,7 @@ if ($savemsg) if (is_cert_revoked($cert)) $revoked = " *Revoked"; ?> - <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option> + <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=htmlspecialchars($cert['descr']) . $caname . $inuse . $revoked;?></option> <?php endforeach; ?> <option value="" <?PHP if (empty($pconfig['certref'])) echo "selected=\"selected\""; ?>>None (Username and/or Password required)</option> </select> |