KTS-2178

"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6993 c91229c3-7414-0410-bfa2-8a42b809f60b

KTS-2178
"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6993 c91229c3-7414-0410-bfa2-8a42b809f60b
conradverm
1 parent bf5eae1f
Showing 1 changed file with 1 additions and 1 deletions
templates/ktcore/action/checkout_final.smarty
@@ -3,7 +3,7 @@
 {$context->oPage->requireJSResource("thirdpartyjs/MochiKit/Iter.js")}
 {$context->oPage->requireJSResource("thirdpartyjs/MochiKit/DOM.js")}
  
-{capture assign=sLocation}action=checkout_final&fDocumentId={$context->oDocument->getId()}&reason={$reason}{/capture}
+{capture assign=sLocation}action=checkout_final&fDocumentId={$context->oDocument->getId()}&reason={$reason|escape:'url'}{/capture}
  
 {capture assign=sJavascript}
 function doCheckout () {ldelim}