Ticket #3745: fixed-xss.patch
| File fixed-xss.patch, 0.7 kB (added by cronfy, 7 months ago) |
|---|
-
lib/sfPropelActAsCommentableBehavior.class.php
old new 51 51 { 52 52 if (strlen($comment['text']) > 0) 53 53 { 54 $comment['text'] = strip_tags($comment['text']); 55 $comment['created_at'] = time(); 54 $comment['text'] = strip_tags($comment['text']); 55 $comment['title'] = strip_tags($comment['title']); 56 $comment['author_name'] = strip_tags($comment['author_name']); 57 $comment['created_at'] = time(); 56 58 57 59 if (!isset($comment['namespace'])) 58 60 {
