From d920a7f24db947e3ff79ed09d06c466eb14e092a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Wed, 23 Aug 2017 13:01:54 +0200
Subject: [PATCH] bugfix: Make sure to escape properly the current URL.

---
 modules/consentAdmin/templates/consentadmin.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/consentAdmin/templates/consentadmin.php b/modules/consentAdmin/templates/consentadmin.php
index af77298a9..13829af83 100644
--- a/modules/consentAdmin/templates/consentadmin.php
+++ b/modules/consentAdmin/templates/consentadmin.php
@@ -127,6 +127,6 @@ TRSTART;
 
         <h2>Logout</h2>
 
-            <p><a href="<?php echo \SimpleSAML\Utils\HTTP::getSelfURL() . '?logout'; ?>">Logout</a></p>
+            <p><a href="<?php echo htmlentities(\SimpleSAML\Utils\HTTP::getSelfURL()) . '?logout'; ?>">Logout</a></p>
 
 <?php $this->includeAtTemplateBase('includes/footer.php');
-- 
GitLab