[git] gnupg-doc - branch, preview, updated. b75b9c73c2b84dad6a855b76b7d2b857ab100c2a
by Werner Koch
cvs at cvs.gnupg.org
Sun May 14 12:52:49 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GnuPG website and other docs".
The branch, preview has been updated
via b75b9c73c2b84dad6a855b76b7d2b857ab100c2a (commit)
from 7c06e789c849938f69e608a99d69f12c74ed0e77 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b75b9c73c2b84dad6a855b76b7d2b857ab100c2a
Author: Werner Koch <wk at gnupg.org>
Date: Sun May 14 12:49:34 2017 +0200
cgi: Clean the user supplied $lang
diff --git a/cgi/procdonate.cgi b/cgi/procdonate.cgi
index 62dfd7b..c6dc026 100755
--- a/cgi/procdonate.cgi
+++ b/cgi/procdonate.cgi
@@ -112,9 +112,11 @@ sub write_template ($) {
$mail =~ s/\x22/\x27/g;
$message =~ s/\x22/\x27/g;
$separef =~ s/\x22/\x27/g;
+ $lang =~ s/\x22/\x27/g;
# Clean possible user provided data
$sessid =~ s/</\x26lt;/g;
+ $lang =~ s/</\x26lt;/g;
$amount =~ s/</\x26lt;/g;
$stripeamount =~ s/</\x26lt;/g;
$currency =~ s/</\x26lt;/g;
-----------------------------------------------------------------------
Summary of changes:
cgi/procdonate.cgi | 2 ++
1 file changed, 2 insertions(+)
hooks/post-receive
--
The GnuPG website and other docs
http://git.gnupg.org
More information about the Gnupg-commits
mailing list