Prevent XSS in error log viewer.
This commit is contained in:
parent
cae5c6e5cf
commit
3bf69fd21f
@ -47,9 +47,13 @@ class ManageErrors extends HTMLController
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
return $row['message'] . '<br><div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
|
||||
'<pre style="display: none">' . $row['debug_info'] . '</pre></div>' .
|
||||
'<small><a href="' . BASEURL . $row['request_uri'] . '">' . $row['request_uri'] . '</a></small>';
|
||||
return $row['message'] . '<br>' .
|
||||
'<div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
|
||||
'<pre style="display: none">' . htmlspecialchars($row['debug_info']) .
|
||||
'</pre></div>' .
|
||||
'<small><a href="' . BASEURL .
|
||||
htmlspecialchars($row['request_uri']) . '">' .
|
||||
htmlspecialchars($row['request_uri']) . '</a></small>';
|
||||
}
|
||||
],
|
||||
'header' => 'Message / URL',
|
||||
|
Loading…
Reference in New Issue
Block a user