- This reverts commit 7c6ff5ff12331a53f416080a44c8d6145e78bfac - That commit removed the cleanhtml command which is not advised, based on feedback from Michael Tremer from other patch submissions as it creates a potential security problem.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- html/cgi-bin/dns.cgi | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/html/cgi-bin/dns.cgi b/html/cgi-bin/dns.cgi index f3dd5c7a9..0a34d3fd6 100644 --- a/html/cgi-bin/dns.cgi +++ b/html/cgi-bin/dns.cgi @@ -141,6 +141,8 @@ if (($cgiparams{'SERVERS'} eq $Lang::tr{'save'}) || ($cgiparams{'SERVERS'} eq $L
# Go further if there was no error. if ( ! $errormessage) { + # Check if a remark has been entered. + $cgiparams{'REMARK'} = &Header::cleanhtml($cgiparams{'REMARK'});
my %dns_servers = (); my $id;