Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix xss vulnerability
  • Loading branch information
andrewsauder committed Nov 3, 2021
1 parent 7996f44 commit 4acad1e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion include.cdn.php
Expand Up @@ -16,7 +16,7 @@
window.AS_APP = '<?php echo AS_APP; ?>';

function getFullURL() {
return '<?php echo trim( getFullURL(), '/'); ?>';
return '<?php echo trim( htmlspecialchars( getFullURL(), ENT_QUOTES ), '/'); ?>';
}

function getBaseURL() {
Expand Down

0 comments on commit 4acad1e

Please sign in to comment.