Fix potential XSS issue with [layers] tag.

MapServer · Apr 17, 2019 · 7d75e8f · 7d75e8f
1 parent 2b9d022
commit 7d75e8f
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/maptemplate.c b/maptemplate.c
@@ -3657,7 +3657,9 @@ static char *processLine(mapservObj *mapserv, char *instr, FILE *stream, int mod
     strlcat(repstr, " ", sizeof(repstr));
   }
   msStringTrimBlanks(repstr);
-  outstr = msReplaceSubstring(outstr, "[layers]", repstr);
+  encodedstr = msEncodeHTMLEntities(repstr);
+  outstr = msReplaceSubstring(outstr, "[layers]", encodedstr);
+  free(encodedstr);
 
   encodedstr = msEncodeUrl(repstr);
   outstr = msReplaceSubstring(outstr, "[layers_esc]", encodedstr);