xssClean needs HTML context

2026-03-03 07:13:59 +01:00 · 2014-08-28 21:28:51 +01:00
parent 86b62d52a0
commit 5f0d7a5a19
1 changed files with 2 additions and 2 deletions
--- a/lib/github.php
+++ b/lib/github.php
@@ -28,7 +28,7 @@ if (!$demoMode && isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] && isset
 			</body>
 			<script>
 			top.ICEcoder.githubAuthTokenSet = true;
-			goNext = "'.xssClean($_GET['goNext']).'";
+			goNext = "'.xssClean($_GET['goNext'],"html").'";
 			if (goNext=="showManager") {
 				top.ICEcoder.githubManager();
 			}
@@ -213,4 +213,4 @@ if (!$demoMode && isset($_SESSION['loggedIn']) && $_SESSION['loggedIn'] && isset
 	}

 }
-?>
+?>