diff options
| author | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-10 18:46:53 +0000 |
|---|---|---|
| committer | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-10 18:46:53 +0000 |
| commit | e16a87cf4d9bc9b9953638dbf3e68fc496b4a809 (patch) | |
| tree | 51bd7dd58c95416fcde7526bbe33c882a8d46630 /pki/base/ra/forms/agent/cert/revoke.cgi | |
| parent | 9b418853f5c6a7d5f10388f4b69c409f2976ad5e (diff) | |
| download | pki-e16a87cf4d9bc9b9953638dbf3e68fc496b4a809.tar.gz pki-e16a87cf4d9bc9b9953638dbf3e68fc496b4a809.tar.xz pki-e16a87cf4d9bc9b9953638dbf3e68fc496b4a809.zip | |
Bugzilla Bug #471916 - RA: input validation
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@579 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ra/forms/agent/cert/revoke.cgi')
| -rwxr-xr-x | pki/base/ra/forms/agent/cert/revoke.cgi | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/pki/base/ra/forms/agent/cert/revoke.cgi b/pki/base/ra/forms/agent/cert/revoke.cgi index c437d4414..cfe0dc719 100755 --- a/pki/base/ra/forms/agent/cert/revoke.cgi +++ b/pki/base/ra/forms/agent/cert/revoke.cgi @@ -61,15 +61,15 @@ sub process() my $uid = $self->get_current_uid($cfg); my %context; - $context{uid} = $uid; + $context{uid} = $util->html_encode($uid); - my $serialno = $util->get_val($q->param('serialno')); + my $serialno = $util->get_alphanum_val($q->param('serialno')); my $subject_dn = $util->get_val($q->param('subject_dn')); - my $rid = $util->get_val($q->param('rid')); + my $rid = $util->get_alphanum_val($q->param('rid')); - $context{serialno} = $serialno; - $context{subject_dn} = $subject_dn; - $context{rid} = $rid; + $context{serialno} = $util->html_encode($serialno); + $context{subject_dn} = $util->html_encode($subject_dn); + $context{rid} = $util->html_encode($rid); my $result = $parser->execute_file_with_context("agent/cert/revoke.vm", \%context); |