[#482] Sanitize headermenu entries in admin view

Description

Summary:

Detailed description

headermenu plugin data is not properly sanitized. Entries containing ">" or "<" characters screw up the HTML code of the headermenu admin view.

To reproduce, activate headermenu plugin and add an entry URL: http://foo.bar Displayed Name: <blink>Foo</blink> -> Bar Description: <blink>Foo</blink> -> Bar

This patch adds htmlspecialchars() to shield from entries containing these characters. It is against current head (rev 16038)

General Information
Submitted by:
Marcel Baur
Date Submitted: 2012-07-26 09:32
Last Modified by: Nobody
Last Modified: 2017-11-02 20:00
Date Closed: 2012-08-16 08:13
Permalink: https://fusionforge.org/tracker/a_follow.php/482
Actions
Internal Fields
Data Type: Patches
Assigned to: Franck Villaume (nerville)
State: Closed
Priority: 3
Extra Fields
Base branch:
none
Resolution:
Accepted
Follow-up tabs
Message  ↓
Date: 2012-08-16 08:13
Sender: Franck Villaume

thanks for the patch. fix in trunk r16081

Attachments:
Size Name Date By Download
1 KiBheadermenu_sanitize.diff2012-07-26 09:32
Marcel Baur
headermenu_sanitize.diff

No related commits.

Field Old Value Date By
status_idOpen2012-08-16 08:13
Franck Villaume
close_dateNone2012-08-16 08:13
Franck Villaume
assigned_tonone2012-08-16 08:13
Franck Villaume
ResolutionNone2012-08-16 08:13
Franck Villaume
File Added272: headermenu_sanitize.diff2012-07-26 09:32
Marcel Baur

No relations found.