Commit ada0d779 authored by Michael Hamann

Prevent HTML and JS injection in section names

Before this change, HTML and some JS code (as far as it was not escaped
by json_encode) could be injected into the output as the closing pattern
that is checked by the regex is not escaped in JSON (see test case).
parent 75c3272a