Fix: HTML in Comments must be escaped. - openrat-cms - Unnamed repository; edit this file 'description' to name the repository.

commit fb42df66e9cbd8454174ab5534a4cfc2e9267a0b
parent 8f7d857c67fbe8604c289e5f8af8e3282db9e730
Author: dankert <openrat@jandankert.de>
Date:   Fri, 11 Mar 2022 19:25:58 +0100

Fix: HTML in Comments must be escaped.

Diffstat:
M modules/cms/output/UIOutput.class.php  | 2 +-

1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/cms/output/UIOutput.class.php b/modules/cms/output/UIOutput.class.php
@@ -113,7 +113,7 @@ class UIOutput extends BaseOutput
 		if   ( DEVELOPMENT ) {
 			header('X-OR-Template: '.$templateFile               );
 
-			echo "<!--  \n".var_export($outputData,true)."\n-->";
+			echo "<!--  \n".htmlentities(var_export($outputData,true))."\n-->";
 		}
 
         $engine = new TemplateRunner();

	openrat-cms Unnamed repository; edit this file 'description' to name the repository.
	Log \| Files \| Refs \| README