From 4b723832eaf1e7c0c776f08a8eddd2a4dd8fea4c Mon Sep 17 00:00:00 2001
From: Flavio Copes
Date: Mon, 3 Jul 2017 17:10:22 +0200
Subject: [PATCH] Sanitize the error message in the error handler page
---
 CHANGELOG.md | 1 +
 system/src/Grav/Common/Errors/SimplePageHandler.php | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f6df0f475..6bd4ad125 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@
 1. [](#bugfix)
 * Fixed global media files disappearing after a reload [#1545](https://github.com/getgrav/grav/issues/1545)
 * Fix for broken regex redirects/routes via `site.yaml`
+ * Sanitize the error message in the error handler page
 # v1.3.0-rc.4
 ## 06/22/2017
diff --git a/system/src/Grav/Common/Errors/SimplePageHandler.php b/system/src/Grav/Common/Errors/SimplePageHandler.php
index f236e53e7..9616b9d61 100644
--- a/system/src/Grav/Common/Errors/SimplePageHandler.php
+++ b/system/src/Grav/Common/Errors/SimplePageHandler.php
@@ -44,7 +44,7 @@ class SimplePageHandler extends Handler
 $vars = array(
 "stylesheet" => file_get_contents($cssFile),
 "code" => $code,
- "message" => $message,
+ "message" => filter_var(rawurldecode($message), FILTER_SANITIZE_STRING),
 );
 $helper->setVariables($vars);
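Review bot: `FILTER_SANITIZE_STRING` on the new `"message"` line strips tags instead of encoding for output, so a legitimate exception message containing `<` loses text, and the filter is deprecated as of PHP 8.1. Encoding for the HTML context keeps the message intact and stays safe if the value is later placed in an attribute: `"message" => htmlspecialchars(rawurldecode($message), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),`. The template that renders these variables is not visible here, so check that it does not escape again (double encoding) and, ideally, move the escaping there so every variable is covered at the point of output. `"code"` is still passed through unchanged; it looks numeric or translated from what this hunk shows, but the enclosing method starts outside the hunk, so confirm that against the lines above. A regression test that throws an exception whose message carries markup and a percent-encoded sequence would pin the intended rendering.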