Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixes #13401: Fixed lack of escaping of request dump at exception scr…
…eens
  • Loading branch information
samdark committed Jan 17, 2017
1 parent 862a5dd commit 97171a0
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion framework/CHANGELOG.md
Expand Up @@ -104,7 +104,7 @@ Yii Framework 2 Change Log
- Enh: Added support for field `yii\console\controllers\BaseMigrateController::$migrationNamespaces` setup from CLI (schmunk42)
- Bug #13287: Fixed translating "and" separator in `UniqueValidator` error message (jetexe)
- Enh #11464: Populate foreign key names from schema (joaoppereira)

- Bug #13401: Fixed lack of escaping of request dump at exception screens (samdark)

2.0.10 October 20, 2016
-----------------------
Expand Down
2 changes: 1 addition & 1 deletion framework/web/ErrorHandler.php
Expand Up @@ -323,7 +323,7 @@ public function renderRequest()
}
}

return '<pre>' . rtrim($request, "\n") . '</pre>';
return '<pre>' . $this->htmlEncode(rtrim($request, "\n")) . '</pre>';
}

/**
Expand Down

0 comments on commit 97171a0

Please sign in to comment.