Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
die_coolen_jungs
our_own_cloud_project
Commits
62f6d25a
Commit
62f6d25a
authored
Mar 28, 2017
by
Sergio Bertolin
Browse files
Adding some protection against xml injection
parent
b6cd8fd2
Changes
1
Hide whitespace changes
Inline
Side-by-side
tests/integration/features/bootstrap/Comments.php
View file @
62f6d25a
<?php
/**
* @author Lukas Reschke <lukas@owncloud.com>
* @author Sergio Bertolin <sbertolin@owncloud.com>
*
* @copyright Copyright (c) 2017, ownCloud, Gmbh.
* @license AGPL-3.0
...
...
@@ -198,7 +199,7 @@ trait Comments {
<d:propertyupdate xmlns:d="DAV:" xmlns:oc="http://owncloud.org/ns">
<d:set>
<d:prop>
<oc:message>'
.
$content
.
'</oc:message>
<oc:message>'
.
htmlspecialchars
(
$content
,
ENT_XML1
,
'UTF-8'
)
.
'</oc:message>
</d:prop>
</d:set>
</d:propertyupdate>'
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment