Sanitizing user input #5
While it would be nice if we could trust people not to include example files on live servers, a Google search will reveal many people are serving RelativePath.Example1.php, including anyone running a here-unnamed CMS which includes this file in a subdirectory of the webroot.
The proposed changes simply escape the user input, closing an XSS vulnerability.