[aur-dev] [PATCH] pkgbase.php: Escape error messages
Lukas Fleischer
lfleischer at archlinux.org
Wed Jun 10 06:59:14 UTC 2015
Fixes FS#45284.
Signed-off-by: Lukas Fleischer <lfleischer at archlinux.org>
---
web/html/pkgbase.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/web/html/pkgbase.php b/web/html/pkgbase.php
index 2f8f932..c834f8b 100644
--- a/web/html/pkgbase.php
+++ b/web/html/pkgbase.php
@@ -146,9 +146,9 @@ html_header($title, $details);
<?php if ($output): ?>
<?php if ($ret): ?>
-<p class="pkgoutput"><?= $output ?></p>
+<p class="pkgoutput"><?= htmlspecialchars($output) ?></p>
<?php else: ?>
-<ul class="errorlist"><li><?= $output ?></li></ul>
+<ul class="errorlist"><li><?= htmlspecialchars($output) ?></li></ul>
<?php endif; ?>
<?php endif; ?>
--
2.4.2
More information about the aur-dev
mailing list