yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixes potential xss

Browse Source
This commit is contained in:
Shannon
2013-12-04 13:33:24 +11:00
parent 1efa75c891
commit 33aa4e2062
16 changed files with 28 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Umbraco.Web.UI/umbraco/plugins/tinymce3/insertMacro.aspx
View File

@@ -106,8 +106,8 @@
<input type="hidden" name="macroMode" value="<%=Request["mode"]%>" />
<%if (Request["umb_macroID"] != null || Request["umb_macroAlias"] != null)
{%>
<input type="hidden" name="umb_macroID" value="<%=Request.GetCleanedItem("umb_macroID")%>" />
<input type="hidden" name="umb_macroAlias" value="<%=Request.GetCleanedItem("umb_macroAlias")%>" />
<input type="hidden" name="umb_macroID" value="<%=Request.CleanForXss("umb_macroID")%>" />
<input type="hidden" name="umb_macroAlias" value="<%=Request.CleanForXss("umb_macroAlias")%>" />
<% }%>
<ui:Pane ID="pane_edit" runat="server" Visible="false">
<div class="macroPane">