Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-10-30 09:56:11 +01:00
Code Issues Packages Projects Releases Activity

Set defaults

Browse Source
This commit is contained in:
Andy Miller
2018-09-29 21:40:21 -06:00
parent 44f7a4531c
commit c95b814c4b
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
classes/admincontroller.php
View File

@@ -648,8 +648,7 @@ class AdminController extends AdminBaseController
$route = '/' . ltrim($route, '/'); $route = '/' . ltrim($route, '/');
// XSS Checks for page content // XSS Checks for page content
$xss_whitelist = $this->grav['config']->get('security.xss_whitelist', []); $xss_whitelist = $this->grav['config']->get('security.xss_whitelist', 'admin.super');
if (!$this->admin->authorize($xss_whitelist)) { if (!$this->admin->authorize($xss_whitelist)) {
if ($issue = Utils::detectXss($data['content'])) { if ($issue = Utils::detectXss($data['content'])) {
$this->admin->setMessage(sprintf($this->admin->translate('PLUGIN_ADMIN.XSS_ISSUE'), $issue), $this->admin->setMessage(sprintf($this->admin->translate('PLUGIN_ADMIN.XSS_ISSUE'), $issue),
@@ -658,10 +657,10 @@ class AdminController extends AdminBaseController
} }
} }
// Check for valid frontmatter
if (isset($data['frontmatter']) && !$this->checkValidFrontmatter($data['frontmatter'])) { if (isset($data['frontmatter']) && !$this->checkValidFrontmatter($data['frontmatter'])) {
$this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.INVALID_FRONTMATTER_COULD_NOT_SAVE'), $this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.INVALID_FRONTMATTER_COULD_NOT_SAVE'),
'error'); 'error');
return false; return false;
} }