diff options
author | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-10 18:46:53 +0000 |
---|---|---|
committer | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-10 18:46:53 +0000 |
commit | e16a87cf4d9bc9b9953638dbf3e68fc496b4a809 (patch) | |
tree | 51bd7dd58c95416fcde7526bbe33c882a8d46630 /pki/base/ra/forms/ee/request/status.cgi | |
parent | 9b418853f5c6a7d5f10388f4b69c409f2976ad5e (diff) | |
download | pki-e16a87cf4d9bc9b9953638dbf3e68fc496b4a809.tar.gz pki-e16a87cf4d9bc9b9953638dbf3e68fc496b4a809.tar.xz pki-e16a87cf4d9bc9b9953638dbf3e68fc496b4a809.zip |
Bugzilla Bug #471916 - RA: input validation
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@579 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ra/forms/ee/request/status.cgi')
-rwxr-xr-x | pki/base/ra/forms/ee/request/status.cgi | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/pki/base/ra/forms/ee/request/status.cgi b/pki/base/ra/forms/ee/request/status.cgi index 9cbf8c483..6a3154716 100755 --- a/pki/base/ra/forms/ee/request/status.cgi +++ b/pki/base/ra/forms/ee/request/status.cgi @@ -53,7 +53,7 @@ sub process() my $util = PKI::Base::Util->new(); - my $id = $util->get_val($q->param('id')); + my $id = $util->get_alphanum_val($q->param('id')); my $docroot = PKI::Base::Registry->get_docroot(); my $parser = PKI::Base::Registry->get_parser(); @@ -71,11 +71,11 @@ sub process() } my %context; - $context{id} = $req->{'rowid'}; - $context{type} = $req->{'type'}; - $context{status} = $req->{'status'}; - $context{serialno} = $req->{'serialno'}; - $context{errorString} = $req->{'errorString'}; + $context{id} = $util->html_encode($req->{'rowid'}); + $context{type} =$util->html_encode($req->{'type'}); + $context{status} = $util->html_encode($req->{'status'}); + $context{serialno} = $util->html_encode($req->{'serialno'}); + $context{errorString} = $util->html_encode($req->{'errorString'}); my $result = $parser->execute_file_with_context("ee/request/status.vm", \%context); |