From: <de...@de...> - 2009-02-23 04:15:20
Author: PeterThoeny Date: 2009-02-22 22:15:16 -0600 (Sun, 22 Feb 2009) New Revision: 17837 Trac url: http://develop.twiki.org/trac/changeset/17837 Modified: twiki/trunk/core/templates/viewtopicactionbuttons.tmpl Log: Item6186: Follow-up fix (oops, QUERYPARAMSTRING is not a regular variable) for XSS issue in QUERYPARAMSTRING (thanks MarcSchoenefeld and SteveMilner of Red Hat) Modified: twiki/trunk/core/templates/viewtopicactionbuttons.tmpl =================================================================== --- twiki/trunk/core/templates/viewtopicactionbuttons.tmpl 2009-02-23 04:14:31 UTC (rev 17836) +++ twiki/trunk/core/templates/viewtopicactionbuttons.tmpl 2009-02-23 04:15:16 UTC (rev 17837) @@ -18,7 +18,7 @@ %TMPL:DEF{"action_printable"}%%TMPL:P{"printable"}%%TMPL:P{"sep"}%%TMPL:END% -%TMPL:DEF{"printable"}%<span><a href='%SCRIPTURLPATH{"view"}%/%WEB%/%TOPIC%?cover=print%QUERYPARAMSTRING{ encoding="url" }%%REVARG%' rel='nofollow' %MAKETEXT{"title='Printable version of this topic' accesskey='p'>&Print version"}%</a></span>%TMPL:END% +%TMPL:DEF{"printable"}%<span><a href='%SCRIPTURLPATH{"view"}%/%WEB%/%TOPIC%?cover=print%ENCODE{%QUERYPARAMSTRING%}%%REVARG%' rel='nofollow' %MAKETEXT{"title='Printable version of this topic' accesskey='p'>&Print version"}%</a></span>%TMPL:END% %TMPL:DEF{"activatable_printable"}%%TMPL:P{"printable"}%%TMPL:END% |
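Review bot: In the added "printable" definition, the argument in %ENCODE{%QUERYPARAMSTRING%}% is unquoted and no type is given, so the expanded query string (which contains = and may contain quotes or a closing brace) is parsed as ENCODE's parameter list rather than as a single value. Consider quoting it and naming the encoding, as in %ENCODE{"%QUERYPARAMSTRING%" type="url"}%, and check how a double quote in the query string behaves there. Because the href is delimited with single quotes (href='...'), also confirm that the chosen encoding escapes the single quote character. Separately, encoding the whole string in one pass will escape the = and the separators between parameters, so please verify the print link still carries the original parameters after ?cover=print. A short comment in the template noting why ENCODE is used here instead of the encoding parameter on QUERYPARAMSTRING would help later readers.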