Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-24 18:59:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply htmlentities in a couple of places to prevent xss

Browse Source 
Co-authored-by: wtwver <wtwver@users.noreply.github.com>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
This commit is contained in:
Adam Warner
2021-09-11 20:03:05 +01:00
parent c5cfb2959b
commit 25df783378
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
scripts/pi-hole/php/func.php
View File

@@ -472,6 +472,7 @@ function returnSuccess($message = "", $json = true)
function returnError($message = "", $json = true)
{
$message = htmlentities($message) ;
if ($json) {
return [ "success" => false, "message" => $message ];
} else {