extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-21 23:43:17 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added error message if the json content got thrown away because there was javascript in it

Browse Source
This commit is contained in:
Andreas Stöckel 2010-06-29 12:58:55 +00:00
parent c30c4ce198
commit 6558a861a1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
json.php
View File

@ -90,6 +90,10 @@ if (isset($_GET['menuaction']))
$json = new egw_json_request(); $json = new egw_json_request();
//Check whether the request data is set //Check whether the request data is set
if (isset($GLOBALS['egw_unset_vars']['_POST[json_data]']))
{
throw new egw_exception_assertion_failed("JSON Data contains script tags. Aborting...");
}
$json->parseRequest($_GET['menuaction'], (array)$_POST['json_data']); $json->parseRequest($_GET['menuaction'], (array)$_POST['json_data']);
common::egw_exit(); common::egw_exit();
} }