(mvc) add some basic sanitization to api output

2026-03-16 01:24:38 +00:00 · 2015-07-31 21:37:22 +02:00 · 2015-07-31 21:37:22 +02:00 · 02ca80d843
commit 02ca80d843
parent a004fe9ac7
1 changed files with 1 additions and 1 deletions
--- a/src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
@ -90,7 +90,7 @@ class ApiControllerBase extends ControllerRoot
            $data = $dispatcher->getReturnedValue();
            if (is_array($data)) {
                $this->response->setContentType('application/json', 'UTF-8');
-                echo json_encode($data) ;
+                echo htmlspecialchars(json_encode($data), ENT_NOQUOTES);
            }
        }