Skip to content
Permalink
Browse files Browse the repository at this point in the history
パスワード抜きのXSS脆弱性対策
git-svn-id: http://svn.sourceforge.jp/svnroot/zerochplus/zerochplus/trunk@435 567da1b6-7cfc-4bc0-8471-d03287871468
  • Loading branch information
dekisugi committed Apr 30, 2013
1 parent 619ced1 commit 9ddf9ec
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions test/mordor/thread.res.pl
Expand Up @@ -257,6 +257,15 @@ sub PrintResList
$log = $Logger->Get($logsize - 1 + $i - $lastnum);
@logs = split(/<>/,$log,-1) if (defined $log);

foreach (0 .. $#logs) {
$logs[$_] =~ s/[\x0d\x0a\0]//g;
$logs[$_] =~ s/&/&amp;/g;
$logs[$_] =~ s/"/&quot;/g;
$logs[$_] =~ s/'/&#39;/g;
$logs[$_] =~ s/</&lt;/g;
$logs[$_] =~ s/>/&gt;/g;
}

$Page->Print("<tr><td class=\"Response\" valign=top>");

# レス削除権による表示抑制
Expand Down

0 comments on commit 9ddf9ec

Please sign in to comment.