Skip to content
Snippets Groups Projects
Commit aeb46206 authored by Olav Morken's avatar Olav Morken
Browse files

templates - post: Escape data sent with HTTP-POST requests. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@111 44740490-163a-0410-bde0-09ae8108e29a
parent 0863e328
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
templates/default/en/post.php
+ 3
3
View file @ aeb46206
...@@ -11,9 +11,9 @@ ...@@ -11,9 +11,9 @@
<p><strong>Note:</strong> Since your browser does not support JavaScript, you must press the button below once to proceed.</p> <p><strong>Note:</strong> Since your browser does not support JavaScript, you must press the button below once to proceed.</p>
</noscript> </noscript>
<form method="post" action="<?php echo $data['destination']; ?>"> <form method="post" action="<?php echo htmlspecialchars($data['destination']); ?>">
<input type="hidden" name="SAMLResponse" value="<?php echo $data['response']; ?>" /> <input type="hidden" name="SAMLResponse" value="<?php echo htmlspecialchars($data['response']); ?>" />
<input type="hidden" name="<?php echo $data['RelayStateName']; ?>" value="<?php echo $data['RelayState']; ?>"> <input type="hidden" name="<?php echo htmlspecialchars($data['RelayStateName']); ?>" value="<?php echo htmlspecialchars($data['RelayState']); ?>">
<noscript> <noscript>
<input type="submit" value="Submit the response to the service" /> <input type="submit" value="Submit the response to the service" />
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment