From c95b814c4b6ae310cefef36f12f19d488398bb3c Mon Sep 17 00:00:00 2001
From: Andy Miller
Date: Sat, 29 Sep 2018 21:40:21 -0600
Subject: [PATCH] Set defaults
---
 classes/admincontroller.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/classes/admincontroller.php b/classes/admincontroller.php
index 476e29d2..83b93c2c 100644
--- a/classes/admincontroller.php
+++ b/classes/admincontroller.php
@@ -648,8 +648,7 @@ class AdminController extends AdminBaseController
 $route = '/' . ltrim($route, '/');
 // XSS Checks for page content
- $xss_whitelist = $this->grav['config']->get('security.xss_whitelist', []);
-
+ $xss_whitelist = $this->grav['config']->get('security.xss_whitelist', 'admin.super');
 if (!$this->admin->authorize($xss_whitelist)) {
 if ($issue = Utils::detectXss($data['content'])) {
 $this->admin->setMessage(sprintf($this->admin->translate('PLUGIN_ADMIN.XSS_ISSUE'), $issue),
@@ -658,10 +657,10 @@ class AdminController extends AdminBaseController
 }
 }
+ // Check for valid frontmatter
 if (isset($data['frontmatter']) && !$this->checkValidFrontmatter($data['frontmatter'])) {
 $this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.INVALID_FRONTMATTER_COULD_NOT_SAVE'), 'error');
-
 return false;
 }
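Review bot: The new fallback `'admin.super'` on the `$xss_whitelist` line means that, whenever `security.xss_whitelist` is unset, super-admin accounts skip `Utils::detectXss()` on `$data['content']` by default, and nothing in the first hunk records that this exemption is intentional. The fallback is also a string where the previous one was an array; `authorize()` is not visible here, so I cannot tell whether it accepts both, and `['admin.super']` would keep the same shape as a configured list. I would add a comment above the assignment along the lines of `// Users authorized for any permission in security.xss_whitelist bypass the XSS check; defaults to admin.super when unset`. It is also worth confirming what an explicitly empty list in the site config does, because the guard is `!$this->admin->authorize($xss_whitelist)` and an empty list could turn the check on or off for everyone. The enclosing method starts and ends outside the hunk.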