Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Interchange: cvs

[interchange] Fix XSS in error tag display of failed submissions

  

 
Interchange cvs RSS feed   Index | Next | Previous | View Threaded


interchange-cvs at icdevgroup

Jul 25, 2013, 9:26 AM

Post #1 of 1 (36 views)
Permalink
[interchange] Fix XSS in error tag display of failed submissions
commit bea662dbb16afad9c683774f10c0046abc1735f9
Author: Josh Lavin <josh [at] perusion>
Date: Thu Jul 25 09:26:22 2013 -0700

Fix XSS in error tag display of failed submissions

code/SystemTag/error.coretag | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
---
diff --git a/code/SystemTag/error.coretag b/code/SystemTag/error.coretag
index 0cae2b3..e88dc1d 100644
--- a/code/SystemTag/error.coretag
+++ b/code/SystemTag/error.coretag
@@ -43,6 +43,9 @@ sub tag_error {
}
return set_error($error, $var, $opt);
}
+ unless(defined $opt->{filter}) {
+ $opt->{filter} = 'encode_entities';
+ }
my $err_ref = $Vend::Session->{errors};
my $text;
my @errors;

_______________________________________________
interchange-cvs mailing list
interchange-cvs [at] icdevgroup
http://www.icdevgroup.org/mailman/listinfo/interchange-cvs

Interchange cvs RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.