| [vhffs-dev] [2250] fixed bug #276, XSS issue with "msg" param |
[ Thread Index |
Date Index
| More vhffs.org/vhffs-dev Archives
]
Revision: 2250
Author: gradator
Date: 2014-10-13 00:05:42 +0200 (Mon, 13 Oct 2014)
Log Message:
-----------
fixed bug #276, XSS issue with "msg" param
Modified Paths:
--------------
trunk/vhffs-panel/templates/misc/header.tt
trunk/vhffs-panel/templates/misc/languages.tt
Modified: trunk/vhffs-panel/templates/misc/header.tt
===================================================================
--- trunk/vhffs-panel/templates/misc/header.tt 2014-10-12 21:12:09 UTC (rev 2249)
+++ trunk/vhffs-panel/templates/misc/header.tt 2014-10-12 22:05:42 UTC (rev 2250)
@@ -5,7 +5,7 @@
<!-- Flag navigations -->
<div class="navflag">
[% FOREACH l IN languages %]
- <a href="?[% query_string %];lang=[% l | html %]"><img src="/themes/[% theme %]/img/[% l | html %].png" alt="[% l %]"/></a>
+ <a href="?[% query_string | html %];lang=[% l | html %]"><img src="/themes/[% theme %]/img/[% l | html %].png" alt="[% l %]"/></a>
[% END %]
</div>
Modified: trunk/vhffs-panel/templates/misc/languages.tt
===================================================================
--- trunk/vhffs-panel/templates/misc/languages.tt 2014-10-12 21:12:09 UTC (rev 2249)
+++ trunk/vhffs-panel/templates/misc/languages.tt 2014-10-12 22:05:42 UTC (rev 2250)
@@ -1,5 +1,5 @@
<div class="navflag">
[% FOREACH l IN languages %]
- <a href="?[% query_string %];lang=[% l | html %]"><img src="/themes/[% theme %]/img/[% l | html %].png" alt="[% l %]"/></a>
+ <a href="?[% query_string | html %];lang=[% l | html %]"><img src="/themes/[% theme %]/img/[% l | html %].png" alt="[% l %]"/></a>
[% END %]
</div>