SomeGuy
/
sessioncommunities.online
Archived
1
0
Fork 1
Code Issues 13 Pull Requests 3 Activity

Fix image policy & silence warnings

Browse Source
pull/30/head
gravel 3 years ago
parent d03bc0e1df
commit 96983c62ae
Signed by: gravel
SSH Key Fingerprint: SHA256:p4HP49CCk4YQMkJpWJ09L8peEPQWjERtdCRAFxPfbOY
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File

2
sites/+components/page-head.php
Unescape Escape View File

@ -4,7 +4,7 @@
<meta
http-equiv="Content-Security-Policy"
content="
script-src 'self'; img-src 'self'; connect-src 'self'; font-src 'none';
script-src 'self'; img-src 'self' data:; connect-src 'self'; font-src 'none';
object-src 'none'; media-src 'none'; form-action 'none'; base-uri 'self';
"
>

5
sites/+components/tbl_communities.php
Unescape Escape View File

@ -53,10 +53,11 @@
$hostname = explode("/", $hostname)[0];
// Escape external input.
// Ternaries prevent passing null-equal strings, which produce warnings.
$id = htmlspecialchars($id);
$language = htmlspecialchars($room->language);
$language = $room->language ? htmlspecialchars($room->language) : "";
$name = htmlspecialchars($room->name);
$desc = htmlspecialchars($room->description);
$desc = $room->description ? htmlspecialchars($room->description) : "";
$users = htmlspecialchars($room->active_users);
$preview_link = htmlspecialchars($room->preview_link);
$join_link = htmlspecialchars($room->join_link);