[icinga-checkins] icinga.org: icingaweb2/bugfix/searchfield-escaping-12330: FilterEditor: escape values correctly

git at icinga.org git at icinga.org
Thu Dec 15 16:29:28 CET 2016


Module: icingaweb2
Branch: bugfix/searchfield-escaping-12330
Commit: 26185d523932bd00f6950c47ba4eda9a96e4e715
URL:    https://git.icinga.org/?p=icingaweb2.git;a=commit;h=26185d523932bd00f6950c47ba4eda9a96e4e715

Author: Alexander A. Klimov <alexander.klimov at icinga.com>
Date:   Thu Dec 15 16:27:50 2016 +0100

FilterEditor: escape values correctly

refs #12330

---

 library/Icinga/Web/Widget/FilterEditor.php |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/library/Icinga/Web/Widget/FilterEditor.php b/library/Icinga/Web/Widget/FilterEditor.php
index 3b80f1c..fe77fb1 100644
--- a/library/Icinga/Web/Widget/FilterEditor.php
+++ b/library/Icinga/Web/Widget/FilterEditor.php
@@ -522,7 +522,7 @@ class FilterEditor extends AbstractWidget
         return sprintf(
             '<input type="text" name="%s" value="%s" />',
             $this->elementId('value', $filter),
-            $value
+            $this->view()->escape($value)
         );
     }
 



More information about the icinga-checkins mailing list