wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #10670 from owncloud/encodeExceptions

Browse source 
Escape error messages
This commit is contained in:
Lukas Reschke 2014-08-28 09:36:18 +02:00
commit 2f76117cb8
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/private/template.php
View file

@ -272,19 +272,19 @@ class OC_Template extends \OC\Template\Base {
if (defined('DEBUG') and DEBUG) { if (defined('DEBUG') and DEBUG) {
$hint = $exception->getTraceAsString(); $hint = $exception->getTraceAsString();
if (!empty($hint)) { if (!empty($hint)) {
$hint = '<pre>'.$hint.'</pre>'; $hint = '<pre>'.OC_Util::sanitizeHTML($hint).'</pre>';
} }
while (method_exists($exception, 'previous') && $exception = $exception->previous()) { while (method_exists($exception, 'previous') && $exception = $exception->previous()) {
$error_msg .= '<br/>Caused by:' . ' '; $error_msg .= '<br/>Caused by:' . ' ';
if ($exception->getCode()) { if ($exception->getCode()) {
$error_msg .= '['.$exception->getCode().'] '; $error_msg .= '['.OC_Util::sanitizeHTML($exception->getCode()).'] ';
} }
$error_msg .= $exception->getMessage(); $error_msg .= OC_Util::sanitizeHTML($exception->getMessage());
}; };
} else { } else {
$hint = ''; $hint = '';
if ($exception instanceof \OC\HintException) { if ($exception instanceof \OC\HintException) {
$hint = $exception->getHint(); $hint = OC_Util::sanitizeHTML($exception->getHint());
} }
} }
self::printErrorPage($error_msg, $hint); self::printErrorPage($error_msg, $hint);