Skip to content
Permalink
Browse files Browse the repository at this point in the history
Escape javascript variable content
Signed-off-by: Michal Čihař <michal@cihar.com>
  • Loading branch information
nijel committed Jan 25, 2016
1 parent 316792b commit aca42ef
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions templates/header_location.phtml
Expand Up @@ -25,8 +25,8 @@ $uri = isset($uri) ? $uri : null;
<body>
<script type="text/javascript">
//<![CDATA[
document.write('<p><a href="<?php echo htmlspecialchars($uri) ?>"><?php echo __('Go') ?></a></p>');
document.write('<p><a href="<?php echo PMA_escapeJsString(htmlspecialchars($uri)) ?>"><?php echo __('Go') ?></a></p>');
//]]>
</script>
</body>
</html>
</html>

0 comments on commit aca42ef

Please sign in to comment.