Prevent reflective XSS vulnerabilities
barryo committed Nov 15, 2014
1 parent 6bf6a8f commit 76bf501
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions src/OSS/Form/User.php
Expand Up @@ -50,7 +50,7 @@
class OSS_Form_User
{


/**
* A utility function for creating a standard email element for forms.
*
Expand All @@ -61,7 +61,7 @@ class OSS_Form_User
public static function createEmailElement( $name = 'email' )
{
$em = new Zend_Form_Element_Text( $name, $mx = false );

return $em->setAttrib( 'size', 32)
->setLabel( _( 'Email' ) )
->setAttrib( 'data-prompt', 'Add an email address' )
Expand All @@ -72,8 +72,9 @@ public static function createEmailElement( $name = 'email' )
->addValidator( 'StringLength', false, array( 5, 90 ) )
->addFilter( 'StringTrim' )
->addFilter( 'HtmlEntitiesDecode' )
->addFilter( 'StripTags' )
->addFilter( 'StripSlashes' );
}


}
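Review bot: The filter chain at the end of createEmailElement() only cleans the value the form hands back after filtering, so it should not be treated as the whole XSS fix; any view or error path that echoes the raw submitted email still needs escaping at the point of output. The order is also load-bearing: HtmlEntitiesDecode has to run before StripTags for entity-encoded markup to be removed, and a single decode pass leaves doubly encoded input in the value. A comment above the filters such as `// Order matters: decode entities, then strip tags; views must still escape this value on output` would keep a later edit from reordering or dropping them. The rendered page has lost its +/- markers, so which of these filters the commit added is inferred, and the validators between the second and third hunks are not visible here.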
