Skip to content

Commit

Permalink
update
Browse files Browse the repository at this point in the history
  • Loading branch information
@peter-mw
peter-mw committed May 4, 2022
1 parent e9bd4f8 commit 527abd1
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 0 deletions.
4 changes: 4 additions & 0 deletions src/MicroweberPackages/App/Http/Controllers/ApiController.php
View file
Expand Up @@ -616,6 +616,8 @@ public function module()
if(is_string($v)) {
$v = str_replace('<', '-', $v);
$v = str_replace('>', '-', $v);
$v = str_replace('"', '-', $v);
$v = str_replace("'", '-', $v);
}
if(is_array($v)) {
$v = $xssClean->cleanArray($v);
Expand All @@ -626,6 +628,8 @@ public function module()
if(is_string($k)){
$k = str_replace('<', '-', $k);
$k = str_replace('>', '-', $k);
$k = str_replace('"', '-', $k);
$k = str_replace("'", '-', $k);

$k = $xssClean->clean($k);
if($k){
Expand Down
1 change: 1 addition & 0 deletions src/MicroweberPackages/Helper/XSSClean.php
View file
Expand Up @@ -99,6 +99,7 @@ public function clean($html)
'ondragleave',
'ondragover',
'ondragstart',
'ondragexit',
'ondrop',
'onfocusout',
'onfullscreenchange',
Expand Down

0 comments on commit 527abd1

Please sign in to comment.