composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-02-12 23:14:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

N°3581 - Dashlet plain text: Fix line returns while keeping XSS protection

Browse Source
This commit is contained in:
Molkobain
2021-03-18 20:22:55 +01:00
parent b3e3a27555
commit f567f581c3
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
application/dashlet.class.inc.php
View File

@@ -849,6 +849,7 @@ class DashletPlainText extends Dashlet
public function Render($oPage, $bEditMode = false, $aExtraParams = array())
{
$sText = $this->aProperties['text'];
$sText = utils::EscapeHtml($sText);
$sText = str_replace(array("\r\n", "\n", "\r"), "<br/>", $sText);
$sId = 'plaintext_'.($bEditMode ? 'edit_' : '').$this->sId;