diff options
| author | Nicolas Iooss | 2014-06-24 20:23:47 +0200 |
|---|---|---|
| committer | Pim van den Berg | 2014-06-30 20:38:32 +0200 |
| commit | 371e30a14aa51da456605ec4f5a5d37b5a3bd8e8 (patch) | |
| tree | 580166cdf9564700cccb26c01f50d8754d5672b9 /host.php | |
| parent | jsrrdgraph: Fix graph width to look like rrdtool. (diff) | |
| download | apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.zip apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.tar.gz apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.tar.bz2 apt-panopticon_cgp-371e30a14aa51da456605ec4f5a5d37b5a3bd8e8.tar.xz | |
Escape HTML in GET-provided hostname
A malicious user can enter javascript code in "h" GET parameter and this
code gets executed because this parameter is copied in the HTML output
without any escaping. This patch escape the output before it is checked
it is valid.
Diffstat (limited to 'host.php')
| -rw-r--r-- | host.php | 4 |
1 files changed, 2 insertions, 2 deletions
| @@ -11,8 +11,8 @@ $selected_plugins = !$plugin ? $CONFIG['overview'] : array($plugin); | |||
| 11 | 11 | ||
| 12 | html_start(); | 12 | html_start(); |
| 13 | 13 | ||
| 14 | printf("<fieldset id=\"%s\">", $host); | 14 | printf("<fieldset id=\"%s\">", htmlentities($host)); |
| 15 | printf("<legend>%s</legend>", $host); | 15 | printf("<legend>%s</legend>", htmlentities($host)); |
| 16 | 16 | ||
| 17 | 17 | ||
| 18 | if (!$plugins = collectd_plugins($host)) { | 18 | if (!$plugins = collectd_plugins($host)) { |