Dotclear


Ignore:
Timestamp:
10/06/11 10:20:53 (14 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
default
Message:

Encode URL in Feed widget output, fixes #1281

File:
1 edited

Legend:

Unmodified
Added
Removed

  • plugins/widgets/_widgets_functions.php

    r475 r741  
    251251          $i = 0; 
    252252          foreach ($feed->items as $item) { 
    253                $li = isset($item->link) ? '<a href="'.$item->link.'">'.$item->title.'</a>' : $item->title; 
     253               $li = isset($item->link) ? '<a href="'.html::escapeHTML($item->link).'">'.$item->title.'</a>' : $item->title; 
    254254               $res .= ' <li>'.$li.'</li> '; 
    255255               $i++; 
Note: See TracChangeset for help on using the changeset viewer.

Sites map