]> git.immae.eu Git - github/wallabag/wallabag.git/blobdiff - src/Wallabag/CoreBundle/Resources/views/base.html.twig
projects / github / wallabag / wallabag.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
views: escape piwik host and siteId to prevent XSS
[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Resources / views / base.html.twig
diff --git a/src/Wallabag/CoreBundle/Resources/views/base.html.twig b/src/Wallabag/CoreBundle/Resources/views/base.html.twig
index 2499bb887adb87f2b2b99271f47dec83b168f59d..498619466fffdcd20a11366b748b53563dae5b17 100644 (file)
--- a/src/Wallabag/CoreBundle/Resources/views/base.html.twig
+++ b/src/Wallabag/CoreBundle/Resources/views/base.html.twig
@@ -69,7 +69,7 @@
         {% block footer %}{% endblock %}
 
         {% if craue_setting('piwik_enabled') %}
-            {{ piwik(craue_setting('piwik_host'), craue_setting('piwik_site_id')) }}
+            {{ piwik(craue_setting('piwik_host')|e('html_attr'), craue_setting('piwik_site_id')|e('html_attr')) }}
         {% endif %}
     </body>
 </html>
A self hostable application for saving web pages: Save and classify articles. Read them later. Freely.