diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2018-11-28 22:16:14 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2018-11-28 22:16:14 +0100 |
| commit | 57fce758f5bd116e1f603d6435fb341f2741ab16 (patch) | |
| tree | 4634215589b2affeef25f7dd5c69ea7c2ff82a6e /app/views | |
| parent | 154a9f5acfc8b16072af0ecb89b2370e2b0d2d1d (diff) | |
Fix HTML injections (#2157)
Minz: Fix HTML injections
Diffstat (limited to 'app/views')
| -rw-r--r-- | app/views/error/index.phtml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/views/error/index.phtml b/app/views/error/index.phtml index fe3abf8c4..8fd74e8bf 100644 --- a/app/views/error/index.phtml +++ b/app/views/error/index.phtml @@ -2,7 +2,7 @@ <div class="alert alert-error"> <h1 class="alert-head"><?php echo $this->code; ?></h1> <p> - <?php echo $this->errorMessage; ?><br /> + <?php echo htmlspecialchars($this->errorMessage, ENT_NOQUOTES, 'UTF-8'); ?><br /> <a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('gen.action.back_to_rss_feeds'); ?></a> </p> </div> |