Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-11-04 20:36:03 +01:00
Code Issues Packages Projects Releases Activity

Fix XSS checking when empty content #1533

Browse Source
This commit is contained in:
Andy Miller
2018-10-23 08:35:13 -06:00
parent 8f654dcacc
commit 5307038c98
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
classes/admincontroller.php
View File

@@ -658,7 +658,7 @@ class AdminController extends AdminBaseController
// XSS Checks for page content
$xss_whitelist = $this->grav['config']->get('security.xss_whitelist', 'admin.super');
if (!$this->admin->authorize($xss_whitelist)) {
$check_what = ['header' => $data['header'], 'content' => $data['content']];
$check_what = ['header' => $data['header'], 'content' => isset($data['content']) ? $data['content'] : ''];
$results = Security::detectXssFromArray($check_what);
if (!empty($results)) {
$this->admin->setMessage('<i class="fa fa-ban"></i> ' . $this->admin->translate('PLUGIN_ADMIN.XSS_ONSAVE_ISSUE'),