From 3aed2449b36669e2d6014b881694949018b9aa5a Mon Sep 17 00:00:00 2001
From: Richard Gibson
Date: Mon, 14 Mar 2016 18:10:29 -0400
Subject: [PATCH] contribute.jquery.org: Sanitize input before rendering as
HTML
---
themes/contribute.jquery.org/cla-check.php | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/themes/contribute.jquery.org/cla-check.php b/themes/contribute.jquery.org/cla-check.php
index 2f1dfd4b..f75656cd 100644
--- a/themes/contribute.jquery.org/cla-check.php
+++ b/themes/contribute.jquery.org/cla-check.php
@@ -133,12 +133,15 @@ function neglectedAuthors( $data ) {
}
function commitLog( $data ) {
- $commitPrefix = "https://github.com/$data->owner/$data->repo/commit/";
+ $commitPrefix = "https://github.com/" .
+ htmlspecialchars( "$data->owner/$data->repo" ) .
+ "/commit/";
$html = "\n";
foreach ( $data->data->commits as $commit ) {
- $html .= "- $commit->hash
\n";
- $html .= "- " . htmlspecialchars( "$commit->name <$commit->email>" ) . "
hash );
+ $html .= "- $escapedHash
\n";
+ $html .= "- " . htmlspecialchars( "$commit->name <$commit->email>" ) . "
\n";
}
$html .= "
\n";
return $html;
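Review bot: The new `htmlspecialchars()` calls in commitLog() rely on the default flags, which before PHP 8.1 are `ENT_COMPAT | ENT_HTML401` and leave single quotes unescaped. The markup inside the string literals is not visible in this rendering, but if `$commitPrefix` and `$escapedHash` are placed in a single-quoted `href`, a `'` in `$data->owner`, `$data->repo` or `$commit->hash` would still terminate the attribute. Passing the flags explicitly removes the dependence on quote style and PHP version, e.g. `$escapedHash = htmlspecialchars( $commit->hash, ENT_QUOTES, 'UTF-8' );`, with the same arguments on the owner/repo and name/email calls. The closing brace of commitLog() lies outside the hunk.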