diff options
Diffstat (limited to 'app/Controllers/authController.php')
| -rw-r--r-- | app/Controllers/authController.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index b53747921..e97f09bc2 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -187,8 +187,8 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController { Minz_Request::forward(['c' => 'auth', 'a' => 'login'], false); } } elseif (FreshRSS_Context::systemConf()->unsafe_autologin_enabled) { - $username = Minz_Request::paramString('u'); - $password = Minz_Request::paramString('p'); + $username = Minz_Request::paramString('u', specialchars: true); + $password = Minz_Request::paramString('p', specialchars: true); Minz_Request::_param('p'); if ($username === '') { |