From 8d04da7d04d3b6fa1b54a1dfff3080e356ae42e2 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 29 Jul 2010 10:42:27 +0000
Subject: [PATCH] openidProvider: Fix cross-site scripting.

If someone is able to perform a session fixation attack on the
openidProvider host, he can then make users execute scripts in that
domain.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2445 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/openidProvider/templates/trust.tpl.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/openidProvider/templates/trust.tpl.php b/modules/openidProvider/templates/trust.tpl.php
index f9241719f..5cbb59533 100644
--- a/modules/openidProvider/templates/trust.tpl.php
+++ b/modules/openidProvider/templates/trust.tpl.php
@@ -10,7 +10,7 @@ $params = array(
 echo('<p>' . $this->t('{openidProvider:openidProvider:confirm_question}', $params) . '</p>');
 ?>
 <form method="post" action="?">
-<input type="hidden" name="StateID" value="<?php echo $this->data['StateID']; ?>" />
+<input type="hidden" name="StateID" value="<?php echo htmlspecialchars($this->data['StateID']); ?>" />
 
 <input type="checkbox" name="TrustRemember" value="on" id="remember" />
 <label for="TrustRemember"><?php echo($this->t('{openidProvider:openidProvider:remember}')); ?></label>
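Review bot: The new StateID line calls `htmlspecialchars()` with its default flags, which on PHP of this era are ENT_COMPAT and ISO-8859-1: enough for the double-quoted attribute here, but it leaves single quotes unescaped and does not validate the input encoding. Passing the context explicitly, `htmlspecialchars($this->data['StateID'], ENT_QUOTES, 'UTF-8')`, pins the intended behaviour and stays correct if the attribute quoting ever changes. The value is treated as untrusted by this fix, so the same escaping presumably applies wherever else the module echoes it; this commit touches only this template. The template continues outside the hunk.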
-- 
GitLab