don't allow html in plugin comment blocks

author: zotlabs <mike@macgirvin.com> 2017-05-09 20:33:25 -0700
committer: Mario Vavti <mario@mariovavti.com> 2017-05-10 14:49:32 +0200
commit: 60204becf4124a3feb1c009b645f32c7084902be (patch)
tree: 89eefa91b6894c25a72bfa97a73ab542314a45d4
parent: 032216153fb711173970109932fe31f241f82bf5 (diff)
download: volse-hubzilla-60204becf4124a3feb1c009b645f32c7084902be.tar.gz
volse-hubzilla-60204becf4124a3feb1c009b645f32c7084902be.tar.bz2
volse-hubzilla-60204becf4124a3feb1c009b645f32c7084902be.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/include/plugin.php b/include/plugin.php
index 29474735e..db20152ea 100755
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -356,6 +356,7 @@ function get_plugin_info($plugin){
 		return $info;
 
 	$f = file_get_contents("addon/$plugin/$plugin.php");
+	$f = escape_tags($f);
 	$r = preg_match("|/\*.*\*/|msU", $f, $m);
 
 	if ($r){
author	zotlabs <mike@macgirvin.com>	2017-05-09 20:33:25 -0700
committer	Mario Vavti <mario@mariovavti.com>	2017-05-10 14:49:32 +0200
commit	60204becf4124a3feb1c009b645f32c7084902be (patch)
tree	89eefa91b6894c25a72bfa97a73ab542314a45d4
parent	032216153fb711173970109932fe31f241f82bf5 (diff)
download	volse-hubzilla-60204becf4124a3feb1c009b645f32c7084902be.tar.gz volse-hubzilla-60204becf4124a3feb1c009b645f32c7084902be.tar.bz2 volse-hubzilla-60204becf4124a3feb1c009b645f32c7084902be.zip