harmacist/vichan
1
0
Fork 0
forked from GithubBackups/vichan
Code Pull Requests Activity

Run Purifier on Markdown's output, stop XSS bug

Browse Source
This commit is contained in:
8chan 2015-03-29 15:32:14 -07:00
parent a04c9ee81d
commit 972b3450cf
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/mod/pages.php
View File

@ -3407,7 +3407,7 @@ function mod_edit_page($id) {
switch ($method) { switch ($method) {
case 'markdown': case 'markdown':
$write = markdown($content); $write = purify_html(markdown($content));
break; break;
case 'html': case 'html':
if (hasPermission($config['mod']['rawhtml'])) { if (hasPermission($config['mod']['rawhtml'])) {