From eb113f864579b052e9a45558ed0a4f4ed08047c1 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Thu, 29 Jul 2010 10:42:16 +0000
Subject: [PATCH] openid: Fix cross-site scripting.

Can be exploited by a malicious openid provider to execute scripts
on the host using openid.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2444 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/openid/templates/consumer.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/openid/templates/consumer.php b/modules/openid/templates/consumer.php
index 8a709ce06..484934790 100644
--- a/modules/openid/templates/consumer.php
+++ b/modules/openid/templates/consumer.php
@@ -50,7 +50,7 @@ div.error {
 			Identity&nbsp;URL:
 			<input type="hidden" name="action" value="verify" />
 			<input id="openid-identifier" class="openid-identifier" type="text" name="openid_url" value="http://" />
-			<input type="hidden" name="AuthState" value="<?php echo $this->data['AuthState']; ?>" />
+			<input type="hidden" name="AuthState" value="<?php echo htmlspecialchars($this->data['AuthState']); ?>" />
 			<input type="submit" value="Login with OpenID" />
 		</fieldset>
 	</form>
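Review bot: The added `htmlspecialchars()` call on the AuthState line relies on the default flags and charset, which is sufficient for this double-quoted attribute but leaves the escaping dependent on the PHP version's defaults (under ENT_COMPAT single quotes are not escaped). Spelling the arguments out makes the output-context assumption explicit and keeps the line safe if the attribute quoting ever changes: `value="<?php echo htmlspecialchars($this->data['AuthState'], ENT_QUOTES, 'UTF-8'); ?>"`. The rest of the template lies outside the hunk, so any other `$this->data[...]` value echoed into this page should be checked for the same missing escaping.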
-- 
GitLab