Commit

Merge pull request #40 from forkcms/fix-xss-in-foms
Fix xss in SpoonForms.
WouterSioen authored Jun 15, 2016
2 parents 4c70df9 + 740c954 commit 123d9fd
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions spoon/form/form.php
Expand Up @@ -982,6 +982,8 @@ public function parse($template)
*/
public function setAction($action)
{
$action = str_replace('"', '&qout;', $action);

$this->action = (string) $action;
}
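
Review bot: The replacement string in the added `str_replace` line of `setAction()` is misspelled: `&qout;` should be `&quot;`. As written, a `"` in the action can no longer close the attribute, but `&qout;` is not a defined HTML entity, so browsers will not turn it back into a quote and any legitimate URL containing one is changed instead of preserved. Separately, only `"` is handled; `&`, `<`, `>` and `'` pass through untouched, which leaves the value unsafe if the attribute is ever written with single quotes. Using `htmlspecialchars($action, ENT_QUOTES, 'UTF-8')` would cover all of these in one call, and it is better applied where the attribute is emitted so the stored action stays unencoded. The `(string)` cast also runs after `str_replace`, so a non-string argument reaches `str_replace` first; cast before escaping.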
