Prevent XSS in error log viewer.
This commit is contained in:
parent
cae5c6e5cf
commit
3bf69fd21f
@ -47,9 +47,13 @@ class ManageErrors extends HTMLController
|
|||||||
'parse' => [
|
'parse' => [
|
||||||
'type' => 'function',
|
'type' => 'function',
|
||||||
'data' => function($row) {
|
'data' => function($row) {
|
||||||
return $row['message'] . '<br><div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
|
return $row['message'] . '<br>' .
|
||||||
'<pre style="display: none">' . $row['debug_info'] . '</pre></div>' .
|
'<div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
|
||||||
'<small><a href="' . BASEURL . $row['request_uri'] . '">' . $row['request_uri'] . '</a></small>';
|
'<pre style="display: none">' . htmlspecialchars($row['debug_info']) .
|
||||||
|
'</pre></div>' .
|
||||||
|
'<small><a href="' . BASEURL .
|
||||||
|
htmlspecialchars($row['request_uri']) . '">' .
|
||||||
|
htmlspecialchars($row['request_uri']) . '</a></small>';
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
'header' => 'Message / URL',
|
'header' => 'Message / URL',
|
||||||
|
Loading…
Reference in New Issue
Block a user