[Pkg-owncloud-commits] [owncloud] 04/258: Escape error messages
David Prévot
taffit at moszumanska.debian.org
Sat Oct 11 17:22:14 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository owncloud.
commit 5a8db83c48317eb3a1e395bc8db1270615fc5dca
Author: Lukas Reschke <lukas at owncloud.com>
Date: Wed Aug 27 17:01:51 2014 +0200
Escape error messages
---
lib/private/template.php | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/private/template.php b/lib/private/template.php
index eaa58b7..173345c 100644
--- a/lib/private/template.php
+++ b/lib/private/template.php
@@ -272,19 +272,19 @@ class OC_Template extends \OC\Template\Base {
if (defined('DEBUG') and DEBUG) {
$hint = $exception->getTraceAsString();
if (!empty($hint)) {
- $hint = '<pre>'.$hint.'</pre>';
+ $hint = '<pre>'.OC_Util::sanitizeHTML($hint).'</pre>';
}
while (method_exists($exception, 'previous') && $exception = $exception->previous()) {
$error_msg .= '<br/>Caused by:' . ' ';
if ($exception->getCode()) {
- $error_msg .= '['.$exception->getCode().'] ';
+ $error_msg .= '['.OC_Util::sanitizeHTML($exception->getCode()).'] ';
}
- $error_msg .= $exception->getMessage();
+ $error_msg .= OC_Util::sanitizeHTML($exception->getMessage());
};
} else {
$hint = '';
if ($exception instanceof \OC\HintException) {
- $hint = $exception->getHint();
+ $hint = OC_Util::sanitizeHTML($exception->getHint());
}
}
self::printErrorPage($error_msg, $hint);
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list