mirror/php-rss-bridge
1
0
Fork 0
mirror of https://github.com/RSS-Bridge/rss-bridge.git synced 2025-07-30 21:30:14 +02:00
Code Issues Releases Wiki Activity

fix: escape token for html context (#3966)

Browse Source
This commit is contained in:
Dag
2024-02-09 07:27:16 +01:00
committed by GitHub
parent ae2eb2f1d1
commit 8a6798a227
5 changed files with 25 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
lib/BridgeCard.php
View File

@@ -104,9 +104,8 @@ final class BridgeCard
<input type="hidden" name="bridge" value="{$bridgeClassName}" />
EOD;
if ($token) {
// todo: maybe escape the token?
$form .= sprintf('<input type="hidden" name="token" value="%s" />', $token);
if (Configuration::getConfig('authentication', 'token') && $token) {
$form .= sprintf('<input type="hidden" name="token" value="%s" />', e($token));
}
if (!empty($contextName)) {