summaryrefslogtreecommitdiffstats
path: root/squid-saccess-html.lsp
diff options
context:
space:
mode:
authorTed Trask <ttrask01@yahoo.com>2009-01-15 21:44:39 +0000
committerTed Trask <ttrask01@yahoo.com>2009-01-15 21:44:39 +0000
commita009a60dd69a2fd67699dbf3183398779ec5721e (patch)
tree7f4c66f79d574bee51256f4e4610e6b7c65d201e /squid-saccess-html.lsp
parentc26612b5fe2867d6da9a7c31689e186a05ae6cff (diff)
downloadacf-squid-a009a60dd69a2fd67699dbf3183398779ec5721e.tar.bz2
acf-squid-a009a60dd69a2fd67699dbf3183398779ec5721e.tar.xz
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/squid/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'squid-saccess-html.lsp')
-rw-r--r--squid-saccess-html.lsp6
1 files changed, 3 insertions, 3 deletions
diff --git a/squid-saccess-html.lsp b/squid-saccess-html.lsp
index 0c11f08..9b9a40f 100644
--- a/squid-saccess-html.lsp
+++ b/squid-saccess-html.lsp
@@ -18,7 +18,7 @@
If you wish to specify hosts that may access the Internet by IP address,
enter the address(es) in the box below, one per line.
</p>
-<textarea name="s_ip"><% io.write( service.config.s_ip ) %></textarea>
+<textarea name="s_ip"><%= html.html_escape( service.config.s_ip ) %></textarea>
<h2>Browser Identification</h2>
<p>
@@ -27,7 +27,7 @@ specify it here. Note that any client identifying itself as this type
of browser will be allowed anonymous access. Enter the browser identification(s)
in the box below, one per line. Regular expressions are allowed.
</p>
-<textarea name="s_browser"><% io.write( service.config.s_browser ) %></textarea>
+<textarea name="s_browser"><%= html.html_escape( service.config.s_browser ) %></textarea>
<h2>Special Domains</h2>
<p>
@@ -35,7 +35,7 @@ If you have a specail domain that needs to be accessed in a special way, you
may specify if here. This will allow anonymous access to the domains listed.
Enter the domain url below. Regular expressions are allowed.
</p>
-<textarea name="s_domain"><% io.write( service.config.s_domain ) %></textarea>
+<textarea name="s_domain"><%= html.html_escape( service.config.s_domain ) %></textarea>
<h3>Save Changes</h3>
<dl>