diff options
author | jim-p <jimp@pfsense.org> | 2015-07-01 11:19:50 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-07-01 11:19:50 -0400 |
commit | 28bb81784f0ba3e147b1d78224b0a43d6675e714 (patch) | |
tree | e538d111840e7bad4ce689324d6db1e5793be6f7 /usr | |
parent | 8bcc385b3a5325a04a1afd72f439a40c7faff098 (diff) | |
download | pfsense-28bb81784f0ba3e147b1d78224b0a43d6675e714.zip pfsense-28bb81784f0ba3e147b1d78224b0a43d6675e714.tar.gz |
Encode ca/cert descr in vpn_openvpn_server.php
Diffstat (limited to 'usr')
-rw-r--r-- | usr/local/www/vpn_openvpn_server.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 7688fa8..a7ff4ce 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -1052,7 +1052,7 @@ if ($savemsg) { $selected = "selected=\"selected\""; } ?> - <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option> + <option value="<?=$ca['refid'];?>" <?=$selected;?>><?=htmlspecialchars($ca['descr']);?></option> <?php endforeach; ?> </select> <?php else: ?> @@ -1072,13 +1072,13 @@ if ($savemsg) { $caname = ""; $ca = lookup_ca($crl['caref']); if ($ca) { - $caname = " (CA: {$ca['descr']})"; + $caname = " (CA: " . htmlspecialchars($ca['descr']) . ")"; if ($pconfig['crlref'] == $crl['refid']) { $selected = "selected=\"selected\""; } } ?> - <option value="<?=$crl['refid'];?>" <?=$selected;?>><?=$crl['descr'] . $caname;?></option> + <option value="<?=$crl['refid'];?>" <?=$selected;?>><?=htmlspecialchars($crl['descr']) . $caname;?></option> <?php endforeach; ?> </select> <?php else: ?> @@ -1099,7 +1099,7 @@ if ($savemsg) { $revoked = ""; $ca = lookup_ca($cert['caref']); if ($ca) { - $caname = " (CA: {$ca['descr']})"; + $caname = " (CA: " . htmlspecialchars($ca['descr']) . ")"; } if ($pconfig['certref'] == $cert['refid']) { $selected = "selected=\"selected\""; @@ -1111,7 +1111,7 @@ if ($savemsg) { $revoked = " *Revoked"; } ?> - <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option> + <option value="<?=$cert['refid'];?>" <?=$selected;?>><?=htmlspecialchars($cert['descr']) . $caname . $inuse . $revoked;?></option> <?php endforeach; ?> </select> <?php else: ?> |