summaryrefslogtreecommitdiffstats
path: root/src/usr/local/www/services_captiveportal_hostname.php
diff options
context:
space:
mode:
Diffstat (limited to 'src/usr/local/www/services_captiveportal_hostname.php')
-rw-r--r--src/usr/local/www/services_captiveportal_hostname.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/usr/local/www/services_captiveportal_hostname.php b/src/usr/local/www/services_captiveportal_hostname.php
index a4e46b0..6c2af91 100644
--- a/src/usr/local/www/services_captiveportal_hostname.php
+++ b/src/usr/local/www/services_captiveportal_hostname.php
@@ -43,7 +43,7 @@ $cpzone = $_GET['zone'];
if (isset($_POST['zone'])) {
$cpzone = $_POST['zone'];
}
-$cpzone = strtolower($cpzone);
+$cpzone = strtolower(htmlspecialchars($cpzone));
if (empty($cpzone) || empty($config['captiveportal'][$cpzone])) {
header("Location: services_captiveportal_zones.php");
OpenPOWER on IntegriCloud