Revision: 1992
http://mrbs.svn.sourceforge.net/mrbs/?rev=1992&view=rev
Author: cimorrison
Date: 2011-09-22 08:38:29 +0000 (Thu, 22 Sep 2011)
Log Message:
-----------
Removed call to htmlspecialchars() on table header strings, because the vocab
strings are trusted and may contain HTML entities deliberately.
Modified Paths:
--------------
mrbs/branches/datatables/web/report.php
Modified: mrbs/branches/datatables/web/report.php
===================================================================
--- mrbs/branches/datatables/web/report.php 2011-09-22 08:17:28 UTC (rev
1991)
+++ mrbs/branches/datatables/web/report.php 2011-09-22 08:38:29 UTC (rev
1992)
@@ -132,7 +132,9 @@
$html .= "<tr>\n";
foreach ($values as $value)
{
- $html .= "<th>" . htmlspecialchars($value) . "</th>\n";
+ // We don't use htmlspecialchars() here because the vocab strings are
trusted.
+ // And some of them contain HTML entities such as on purpose
+ $html .= "<th>$value</th>\n";
}
$html .= "</tr>\n";
$html .= "</thead>\n<tbody>\n";
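Review bot: The new `$html .= "<th>$value</th>\n";` line writes every element of `$values` into the page unescaped, and the safety of that rests entirely on the comment's claim that the strings are trusted vocab strings, which nothing in this hunk enforces. If any header value can ever come from somewhere other than the vocab files, this loop becomes an HTML injection point. Consider keeping the escaping but passing `false` for the `double_encode` argument of `htmlspecialchars()`, which leaves existing entities intact while still escaping raw `<`, `>`, `&` and quotes. Otherwise, escape any non-vocab values where `$values` is built and say so in the comment. The second comment line also reads "entities such as on purpose" with no example entity shown, so it is worth spelling out which entity is meant.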
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits