Prevent XSS on browse views

glpi-project · Jan 24, 2023 · 902e783 · 902e783
1 parent 7b3704c
commit 902e783
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 12 deletions.
diff --git a/src/Features/TreeBrowse.php b/src/Features/TreeBrowse.php
@@ -62,15 +62,9 @@ public static function showBrowseView(string $itemtype, array $params, $update =
 
         $ajax_url    = $CFG_GLPI["root_doc"] . "/ajax/treebrowse.php";
         $loading_txt = __s('Loading...');
-        $start       = isset($params['start'])
-                            ? $params['start']
-                            : 0;
-        $browse      = isset($params['browse'])
-                            ? $params['browse']
-                            : 0;
-        $is_deleted  = isset($params['is_deleted'])
-                            ? $params['is_deleted']
-                            : 0;
+        $start       = (int)($_REQUEST['start'] ?? 0);
+        $browse      = (int)($_REQUEST['browse'] ?? 0);
+        $is_deleted  = (int)($_REQUEST['is_deleted'] ?? 0);
         $criteria    = json_encode($params['criteria']);
 
         $category_list = json_encode(self::getTreeCategoryList($itemtype, $params));

diff --git a/src/Knowbase.php b/src/Knowbase.php
@@ -151,9 +151,7 @@ public static function showBrowseView()
         $rand        = mt_rand();
         $ajax_url    = $CFG_GLPI["root_doc"] . "/ajax/knowbase.php";
         $loading_txt = __s('Loading...');
-        $start       = isset($_REQUEST['start'])
-                        ? $_REQUEST['start']
-                        : 0;
+        $start       = (int)($_REQUEST['start'] ?? 0);
 
         $category_list = json_encode(self::getTreeCategoryList());
         $no_cat_found  = __s("No category found");