some more xss prevention

(cherry picked from commit 968c6ed8be580c1098587738fefa27b31dc4f5ef)
author: Mario Vavti <mario@mariovavti.com> 2019-03-18 20:30:25 +0000
committer: Mario <mario@mariovavti.com> 2019-03-18 21:37:02 +0100
commit: 85593343397347452629a223ef56ba66b9b50dd1 (patch)
tree: 93753c04cf37ba2aa6fc1703acaa4a3b33ae44d1 /Zotlabs/Module/Pubstream.php
parent: 8893d9edc4a2f861a0f5aac2638140fa3ceea235 (diff)
download: volse-hubzilla-85593343397347452629a223ef56ba66b9b50dd1.tar.gz
volse-hubzilla-85593343397347452629a223ef56ba66b9b50dd1.tar.bz2
volse-hubzilla-85593343397347452629a223ef56ba66b9b50dd1.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/Zotlabs/Module/Pubstream.php b/Zotlabs/Module/Pubstream.php
index 94df29984..84ac42f72 100644
--- a/Zotlabs/Module/Pubstream.php
+++ b/Zotlabs/Module/Pubstream.php
@@ -149,11 +149,11 @@ class Pubstream extends \Zotlabs\Web\Controller {
 				'$order'   => 'comment',
 				'$file'    => '',
 				'$cats'    => '',
-				'$tags'    => $hashtags,
+				'$tags'    => (($hashtags) ? urlencode($hashtags) : ''),
 				'$dend'    => '',
-				'$mid'     => $mid,
+				'$mid'     => (($mid) ? urlencode($mid) : ''),
 				'$verb'    => '',
-				'$net'     => $net,
+				'$net'     => (($net) ? urlencode($net) : ''),
 				'$dbegin'  => ''
 			));
 		}
author	Mario Vavti <mario@mariovavti.com>	2019-03-18 20:30:25 +0000
committer	Mario <mario@mariovavti.com>	2019-03-18 21:37:02 +0100
commit	85593343397347452629a223ef56ba66b9b50dd1 (patch)
tree	93753c04cf37ba2aa6fc1703acaa4a3b33ae44d1 /Zotlabs/Module/Pubstream.php
parent	8893d9edc4a2f861a0f5aac2638140fa3ceea235 (diff)
download	volse-hubzilla-85593343397347452629a223ef56ba66b9b50dd1.tar.gz volse-hubzilla-85593343397347452629a223ef56ba66b9b50dd1.tar.bz2 volse-hubzilla-85593343397347452629a223ef56ba66b9b50dd1.zip