https://reisub.nsupdate.info/git
/
friendica.git
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
96b1a00
)
Add htmlentities to protect nick/addr in acl_lookup
author
Hypolite Petovan
<mrpetovan@gmail.com>
Thu, 13 Apr 2017 22:33:40 +0000
(18:33 -0400)
committer
Hypolite Petovan
<mrpetovan@gmail.com>
Thu, 13 Apr 2017 22:33:40 +0000
(18:33 -0400)
include/acl_selectors.php
patch
|
blob
|
history
diff --git
a/include/acl_selectors.php
b/include/acl_selectors.php
index
4cc810f
..
9c3eab5
100644
(file)
--- a/
include/acl_selectors.php
+++ b/
include/acl_selectors.php
@@
-639,13
+639,13
@@
function acl_lookup(App $a, $out_type = 'json') {
if (count($contact) > 0) {
$unknown_contacts[] = array(
- 'type' => 'c
u
',
+ 'type' => 'c',
'photo' => proxy_url($contact['micro'], false, PROXY_SIZE_MICRO),
'name' => htmlentities($contact['name']),
'id' => intval($contact['cid']),
'network' => $contact['network'],
'link' => $contact['url'],
- 'nick' =>
$contact['nick'] ? : $contact['addr']
,
+ 'nick' =>
htmlentities($contact['nick'] ? : $contact['addr'])
,
'forum' => $contact['forum']
);
}