cacert/cacert-webdb
9
0
Fork 0
Code Issues Pull requests 3 Projects Releases 4 Wiki Activity

Added XSS prevention

Browse source
This commit is contained in:
root 2008-11-24 12:43:19 +00:00
parent 16d7b35bae
commit 31c57ef051
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
www/ac.php
View file

@ -23,7 +23,7 @@
$s = mysql_real_escape_string($_REQUEST['s']);
$id = mysql_real_escape_string(strip_tags($_REQUEST['id']));
echo "parent._ac_rpc('$id',";
echo "parent._ac_rpc('".sanitizeHTML($id)."',";
$bits = explode(",", $s);