(mvc) add some basic sanitization to api output

02ca80d8 · Ad Schellevis · a004fe9a · 02ca80d8
Commit 02ca80d8 authored Jul 31, 2015 by Ad Schellevis
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

ApiControllerBase.php ...e/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php +1 -1

No files found.
--- a/src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
@@ -90,7 +90,7 @@ class ApiControllerBase extends ControllerRoot
            $data = $dispatcher->getReturnedValue();
            if (is_array($data)) {
                $this->response->setContentType('application/json', 'UTF-8');
-                echo json_encode($data) ;
+                echo htmlspecialchars(json_encode($data), ENT_NOQUOTES);
            }
        }