diff options
author | zotlabs <mike@macgirvin.com> | 2017-05-09 20:33:25 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-05-09 20:33:25 -0700 |
commit | 76d78571d6d7a5adfc6da9e3bbad56c15056bc4a (patch) | |
tree | 085666568ee0e47cf0ecf783e4c6638df3c9e431 | |
parent | 556407408fc3a8c0a912a23f8d8f9eb7a5872013 (diff) | |
download | volse-hubzilla-76d78571d6d7a5adfc6da9e3bbad56c15056bc4a.tar.gz volse-hubzilla-76d78571d6d7a5adfc6da9e3bbad56c15056bc4a.tar.bz2 volse-hubzilla-76d78571d6d7a5adfc6da9e3bbad56c15056bc4a.zip |
don't allow html in plugin comment blocks
-rwxr-xr-x | include/plugin.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/plugin.php b/include/plugin.php index 29474735e..db20152ea 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -356,6 +356,7 @@ function get_plugin_info($plugin){ return $info; $f = file_get_contents("addon/$plugin/$plugin.php"); + $f = escape_tags($f); $r = preg_match("|/\*.*\*/|msU", $f, $m); if ($r){ |