Merge pull request #33 from nahakiole/fix-xss-issue

Fixing XSS security issue.
2026-02-02 09:38:00 +08:00 · 2015-11-10 08:49:04 +00:00
parent 21bd63961b 36eb076648
commit 24b75d26dd
1 changed files with 1 additions and 1 deletions
--- a/editor/editor.php
+++ b/editor/editor.php
@@ -52,7 +52,7 @@ if (isset($_GET['debug'])) {
 	<script type="text/javascript" src="/Mergely/lib/searchcursor.js"></script>

 	<script type="text/javascript">
-        var key = '<?php echo $key; ?>';
+        var key = '<?php echo htmlspecialchars($key, ENT_QUOTES, 'UTF-8'); ?>';
        var isSample = key == 'usaindep';
    </script>