Userdata

* replace input filter FILTER_UNSAFE_RAW (+ STRIP flags) with regex checks to preserve \n and utf8 chars
2025-11-29 15:58:16 +08:00 · 2023-03-16 17:59:09 +01:00
parent ffa4cf5b29
commit 0c47f262ea
13 changed files with 75 additions and 53 deletions
--- a/includes/ajaxHandler/cookie.class.php
+++ b/includes/ajaxHandler/cookie.class.php
@@ -12,7 +12,7 @@ class AjaxCookie extends AjaxHandler
            return;

        $this->_get = array(
-            $params[0] => ['filter' => FILTER_UNSAFE_RAW, 'flags' => FILTER_FLAG_STRIP_AOWOW],
+            $params[0] => ['filter' => FILTER_CALLBACK, 'options' => 'AjaxHandler::checkTextLine'],
        );

        // NOW we know, what to expect and sanitize