From dd854379c20722a763ae7fe3d097a57a544cae80 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta
Date: Wed, 3 Jun 2009 17:08:23 -0700
Subject: Sanitize all data we return via json_encode() to guard against XSS and other data leaks.
---
modules/tag/controllers/admin_tags.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'modules/tag')
diff --git a/modules/tag/controllers/admin_tags.php b/modules/tag/controllers/admin_tags.php
index 01884bb8..af5055ff 100644
--- a/modules/tag/controllers/admin_tags.php
+++ b/modules/tag/controllers/admin_tags.php
@@ -106,7 +106,7 @@ class Admin_Tags_Controller extends Admin_Controller {
 array("result" => "success",
 "location" => url::site("admin/tags"),
 "tag_id" => $tag->id,
- "new_tagname" => $tag->name));
+ "new_tagname" => p::clean($tag->name)));
 } else {
 print json_encode(
 array("result" => "error",
-- cgit v1.2.3
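Review bot: On the `"new_tagname" => p::clean($tag->name)` line the value is escaped when the JSON is built rather than where the client writes it into the page, so its safety depends on a consumer this hunk does not show. Assuming `p::clean()` HTML-escapes, a client that inserts `new_tagname` as text will display the entities literally, and one that places it in an attribute or script context may need a different encoding. I would record the contract next to the field, for example `// new_tagname is HTML-escaped for insertion as markup; do not escape again on the client`. It is also worth confirming that this action sends a JSON content type, since `print json_encode(...)` alone does not set one and none is visible here; the enclosing method starts and ends outside the hunk.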