From 2bc73e2e36fefc3c1ee1b8e97e686c6729e58dcb Mon Sep 17 00:00:00 2001
From: Andy Staudacher <andy.st@gmail.com>
Date: Mon, 31 Aug 2009 21:51:57 -0700
Subject: Fix XSS vectors in HTML attributes (mostly t() calls)

---
 modules/comment/views/admin_block_recent_comments.html.php | 2 +-
 modules/comment/views/admin_comments.html.php              | 2 +-
 modules/comment/views/comment.html.php                     | 2 +-
 modules/comment/views/comments.html.php                    | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'modules/comment')

diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php
index dc3975e0..2afa5bf8 100644
--- a/modules/comment/views/admin_block_recent_comments.html.php
+++ b/modules/comment/views/admin_block_recent_comments.html.php
@@ -4,7 +4,7 @@
   <li class="<?= ($i % 2 == 0) ? "gEvenRow" : "gOddRow" ?>">
     <img src="<?= $comment->author()->avatar_url(32, $theme->url("images/avatar.jpg", true)) ?>"
          class="gAvatar"
-         alt="<?= html::clean($comment->author_name()) ?>"
+         alt="<?= html::clean_attribute($comment->author_name()) ?>"
          width="32"
          height="32" />
     <?= gallery::date_time($comment->created) ?>
diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php
index 588c3ebc..f5970ae1 100644
--- a/modules/comment/views/admin_comments.html.php
+++ b/modules/comment/views/admin_comments.html.php
@@ -122,7 +122,7 @@
             <a href="<?= $item->url() ?>">
               <? if ($item->has_thumb()): ?>
               <img src="<?= $item->thumb_url() ?>"
-                 alt="<?= html::purify($item->title) ?>"
+                 alt="<?= html::purify($item->title)->for_html_attr() ?>"
                  <?= photo::img_dimensions($item->thumb_width, $item->thumb_height, 75) ?>
               />
               <? else: ?>
diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php
index 1d0786cb..ce4e197d 100644
--- a/modules/comment/views/comment.html.php
+++ b/modules/comment/views/comment.html.php
@@ -4,7 +4,7 @@
     <a href="#">
       <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>"
            class="gAvatar"
-           alt="<?= html::clean($comment->author_name()) ?>"
+           alt="<?= html::clean_attribute($comment->author_name()) ?>"
            width="40"
            height="40" />
     </a>
diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php
index 1e45c946..b7ebdf3a 100644
--- a/modules/comment/views/comments.html.php
+++ b/modules/comment/views/comments.html.php
@@ -18,7 +18,7 @@
       <a href="#">
         <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>"
              class="gAvatar"
-             alt="<?= html::clean($comment->author_name()) ?>"
+             alt="<?= html::clean_attribute($comment->author_name()) ?>"
              width="40"
              height="40" />
       </a>
-- 
cgit v1.2.3