mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #1989 from owncloud/selectSanitize 

Sanitize HTML in html_select_options
This commit is contained in:
Björn Schießle 2013-02-28 08:51:07 -08:00
parent 93e713d378 cef6131ea8
commit 1cc7e6d31a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/template.php
View File

@ -147,7 +147,7 @@ function html_select_options($options, $selected, $params=array()) {
$label = $label[$label_name];
}
$select = in_array($value, $selected) ? ' selected="selected"' : '';
$html .= '<option value="' . $value . '"' . $select . '>' . $label . '</option>'."\n";
$html .= '<option value="' . OC_Util::sanitizeHTML($value) . '"' . $select . '>' . OC_Util::sanitizeHTML($label) . '</option>'."\n";
}
return $html;
}