Congegni
/
sintonia
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

XSS exploit prevention - audio preview

This commit is contained in:
denise 2013-02-05 17:24:39 -05:00
parent 50bfcb7eb8
commit 909f2c95c4
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
airtime_mvc/application/controllers/AudiopreviewController.php
View File

@ -62,8 +62,8 @@ class AudiopreviewController extends Zend_Controller_Action
$this->view->audioFileID = $audioFileID; $this->view->audioFileID = $audioFileID;
// We need to decode artist and title because it gets // We need to decode artist and title because it gets
// encoded twice in js // encoded twice in js
$this->view->audioFileArtist = urldecode($audioFileArtist); $this->view->audioFileArtist = htmlspecialchars(urldecode($audioFileArtist));
$this->view->audioFileTitle = urldecode($audioFileTitle); $this->view->audioFileTitle = htmlspecialchars(urldecode($audioFileTitle));
$this->view->type = $type; $this->view->type = $type;
$this->_helper->viewRenderer->setRender('audio-preview'); $this->_helper->viewRenderer->setRender('audio-preview');