diff options
| author | hubzilla <git@macgirvin.com> | 2016-06-13 08:16:26 +1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2016-06-13 08:16:26 +1000 |
| commit | 290a14d29e82fa33ec53d55a400b556e48e10b09 (patch) | |
| tree | 27461e9de07590454f63ff7d9398e3f6361b692c /include | |
| parent | 0cada39c8afe1858a8e710ada8dfc66f4cb8f1bf (diff) | |
| parent | e109abbef7fed77898da7adb9d43e686dc96c29a (diff) | |
| download | volse-hubzilla-290a14d29e82fa33ec53d55a400b556e48e10b09.tar.gz volse-hubzilla-290a14d29e82fa33ec53d55a400b556e48e10b09.tar.bz2 volse-hubzilla-290a14d29e82fa33ec53d55a400b556e48e10b09.zip | |
Merge pull request #414 from anaqreon/1.8RC
Add filter to wiki content to prevent JavaScript code injection
Diffstat (limited to 'include')
| -rw-r--r-- | include/wiki.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/wiki.php b/include/wiki.php index f0785d549..4aa3fc1b4 100644 --- a/include/wiki.php +++ b/include/wiki.php @@ -279,7 +279,7 @@ function wiki_page_history($arr) { function wiki_save_page($arr) { $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); - $content = ((array_key_exists('content',$arr)) ? $arr['content'] : ''); + $content = ((array_key_exists('content',$arr)) ? purify_html($arr['content']) : ''); $resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : ''); $w = wiki_get_wiki($resource_id); if (!$w['path']) { |