Skip to content
Snippets Groups Projects
Commit 7485a71b authored by Uma's avatar Uma
Browse files

Reverted general code logic for XSS attack

parent 99850345
No related branches found
No related tags found
1 merge request!511Fixes #1220 Reverted general code logic for XSS attack
Hide whitespace changes
Inline Side-by-side
include/utils/ListViewUtils.php
+ 2
2
View file @ 7485a71b
...@@ -675,9 +675,9 @@ function decode_html($str) { ...@@ -675,9 +675,9 @@ function decode_html($str) {
global $default_charset; global $default_charset;
// Direct Popup action or Ajax Popup action should be treated the same. // Direct Popup action or Ajax Popup action should be treated the same.
if ((isset($_REQUEST['action']) && $_REQUEST['action'] == 'Popup') || (isset($_REQUEST['file']) && $_REQUEST['file'] == 'Popup')) if ((isset($_REQUEST['action']) && $_REQUEST['action'] == 'Popup') || (isset($_REQUEST['file']) && $_REQUEST['file'] == 'Popup'))
return purifyHtmlEventAttributes(html_entity_decode($str)); return html_entity_decode($str);
else else
return purifyHtmlEventAttributes(html_entity_decode($str, ENT_QUOTES, $default_charset)); return html_entity_decode($str, ENT_QUOTES, $default_charset);
} }
function popup_decode_html($str) { function popup_decode_html($str) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Copyright 2023 Vtiger. All rights reserved.