From 4f7e4c20d27b3a611a5a5939a98086c10a873dbf Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Thu, 9 Aug 2012 22:14:48 +0200
Subject: [PATCH] Sanitize user input

---
 apps/gallery/sharing.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/gallery/sharing.php b/apps/gallery/sharing.php
index 44fcd9c864b..a9683c02067 100644
--- a/apps/gallery/sharing.php
+++ b/apps/gallery/sharing.php
@@ -37,7 +37,7 @@ OCP\App::checkAppEnabled('gallery');
     <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js" type="text/javascript"></script>
     <script src="js/sharing.js" type="text/javascript"></script>
     <script>
-      var TOKEN = '<?php echo $_GET['token']; ?>';
+      var TOKEN = '<?php htmlentities(echo $_GET['token']); ?>';
     </script>
   </head>
   <body>
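Review bot: The added line `<?php htmlentities(echo $_GET['token']); ?>` does not parse, because `echo` is a language construct and cannot be passed as a function argument, so the page fails with a syntax error instead of emitting a sanitized token. Even if it were reordered to `echo htmlentities($_GET['token'])`, the default flags before PHP 8.1 (`ENT_COMPAT`) leave single quotes unencoded. The value is also placed inside a single-quoted JavaScript string in a `<script>` block, where HTML entity encoding is the wrong escaping for the context. Encode for the JavaScript context and let the encoder supply the quotes: `var TOKEN = <?php echo json_encode((string)$_GET['token'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;`. If the token has a fixed format (not visible in this hunk), rejecting non-conforming values before output would be a useful second check.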
-- 
GitLab