diff options
author | matt <matt@59fd770c-687e-43c8-a1e3-f5a4ff64c105> | 2008-11-17 16:08:36 +0300 |
---|---|---|
committer | matt <matt@59fd770c-687e-43c8-a1e3-f5a4ff64c105> | 2008-11-17 16:08:36 +0300 |
commit | b7a86b53328437212439e18a8acdd6f8e099fa49 (patch) | |
tree | 8ea1f41bd7da5f4773b455f17b417d1352619d9f /core/ViewDataTable.php | |
parent | 890e7d9d15b89eed8ddc4bb0019fedd5c6250e4f (diff) |
- fixing escaping of script tag in referers (xss)
Diffstat (limited to 'core/ViewDataTable.php')
-rw-r--r-- | core/ViewDataTable.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/core/ViewDataTable.php b/core/ViewDataTable.php index 7f95c4b544..0123d03644 100644 --- a/core/ViewDataTable.php +++ b/core/ViewDataTable.php @@ -287,6 +287,7 @@ abstract class Piwik_ViewDataTable $this->showFooter = Piwik_Common::getRequestVar('showDataTableFooter', true); $this->variablesDefault['filter_excludelowpop_default'] = 'false'; $this->variablesDefault['filter_excludelowpop_value_default'] = 'false'; + $this->setSafeDecodeLabel(); } /** @@ -366,6 +367,7 @@ abstract class Piwik_ViewDataTable 'filter_exact_column',
'disable_generic_filters', 'disable_queued_filters', + 'filter_safe_decode_label' ); foreach($toSetEventually as $varToSet) { @@ -765,6 +767,16 @@ abstract class Piwik_ViewDataTable } /** + * The 'label' column in the datatable will be safely url decoded. + * + * @return void + */ + public function setSafeDecodeLabel() + { + $this->variablesDefault['filter_safe_decode_label'] = '1'; + } + + /** * Sets a custom parameter, that will be printed in the javascript array associated with each datatable * * @param string parameter name |