aboutsummaryrefslogtreecommitdiffhomepage
path: root/index.php
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2017-10-07 11:33:20 +0200
committerGitHub <noreply@github.com>2017-10-07 11:33:20 +0200
commitbe9ddff2fb8706ce575e95e8cd64458411895dbe (patch)
treeb2682f8f9567fda6ad7207f3c625bb616b4f47c2 /index.php
parentc8d96b4729a96ff2321862ca13a727658860e7a5 (diff)
parentd14555a3dfdc0d16badefcc54054802ae83752a4 (diff)
downloadShaarli-be9ddff2fb8706ce575e95e8cd64458411895dbe.tar.gz
Shaarli-be9ddff2fb8706ce575e95e8cd64458411895dbe.tar.zst
Shaarli-be9ddff2fb8706ce575e95e8cd64458411895dbe.zip
Merge pull request #987 from ArthurHoaro/hotfix/security-issue
Fix security issue reported by @chb9
Diffstat (limited to 'index.php')
-rw-r--r--index.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/index.php b/index.php
index c2552ce8..4068a828 100644
--- a/index.php
+++ b/index.php
@@ -840,7 +840,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
840 } 840 }
841 841
842 $data = array( 842 $data = array(
843 'search_tags' => implode(' ', $filteringTags), 843 'search_tags' => implode(' ', escape($filteringTags)),
844 'tags' => $tagList, 844 'tags' => $tagList,
845 ); 845 );
846 $pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => isLoggedIn())); 846 $pluginManager->executeHooks('render_tagcloud', $data, array('loggedin' => isLoggedIn()));
@@ -870,7 +870,7 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
870 } 870 }
871 871
872 $data = [ 872 $data = [
873 'search_tags' => implode(' ', $filteringTags), 873 'search_tags' => implode(' ', escape($filteringTags)),
874 'tags' => $tags, 874 'tags' => $tags,
875 ]; 875 ];
876 $pluginManager->executeHooks('render_taglist', $data, ['loggedin' => isLoggedIn()]); 876 $pluginManager->executeHooks('render_taglist', $data, ['loggedin' => isLoggedIn()]);