From 5f5136643562e53460af557efbb6f3c0a2a6fc80 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Thu, 9 Aug 2012 22:14:09 +0200
Subject: [PATCH] Sanitzing user input

---
 apps/gallery/sharing.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/gallery/sharing.php b/apps/gallery/sharing.php
index 44fcd9c864..af3e553e45 100644
--- a/apps/gallery/sharing.php
+++ b/apps/gallery/sharing.php
@@ -37,7 +37,7 @@ OCP\App::checkAppEnabled('gallery');
     <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js" type="text/javascript"></script>
     <script src="js/sharing.js" type="text/javascript"></script>
     <script>
-      var TOKEN = '<?php echo $_GET['token']; ?>';
+      var TOKEN = '<?php echo htmlentities($_GET['token']); ?>';
     </script>
   </head>
   <body>
-- 
GitLab