diff options
Diffstat (limited to 'views')
| -rw-r--r-- | views/rss/group/default.php | 4 | ||||
| -rw-r--r-- | views/rss/object/default.php | 4 | ||||
| -rw-r--r-- | views/rss/river/item/list.php | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/views/rss/group/default.php b/views/rss/group/default.php index 72d0dbd9a..281dc93cc 100644 --- a/views/rss/group/default.php +++ b/views/rss/group/default.php @@ -14,9 +14,9 @@ ?>
<item>
- <guid isPermaLink='true'><?php echo $vars['entity']->getURL(); ?></guid>
+ <guid isPermaLink='true'><?php echo htmlspecialchars($vars['entity']->getURL()); ?></guid>
<pubDate><?php echo date("r",$vars['entity']->time_created) ?></pubDate>
- <link><?php echo $vars['entity']->getURL(); ?></link>
+ <link><?php echo htmlspecialchars($vars['entity']->getURL()); ?></link>
<title><![CDATA[<?php echo (($vars['entity']->name)); ?>]]></title>
<description><![CDATA[<?php echo (autop($vars['entity']->description)); ?>]]></description>
</item>
diff --git a/views/rss/object/default.php b/views/rss/object/default.php index 5e50971c9..7b55c5846 100644 --- a/views/rss/object/default.php +++ b/views/rss/object/default.php @@ -22,9 +22,9 @@ ?>
<item>
- <guid isPermaLink='true'><?php echo $vars['entity']->getURL(); ?></guid>
+ <guid isPermaLink='true'><?php echo htmlspecialchars($vars['entity']->getURL()); ?></guid>
<pubDate><?php echo date("r",$vars['entity']->time_created) ?></pubDate>
- <link><?php echo $vars['entity']->getURL(); ?></link>
+ <link><?php echo htmlspecialchars($vars['entity']->getURL()); ?></link>
<title><![CDATA[<?php echo $title; ?>]]></title>
<description><![CDATA[<?php echo (autop($vars['entity']->description)); ?>]]></description>
</item>
diff --git a/views/rss/river/item/list.php b/views/rss/river/item/list.php index 6e2a33278..214f8c800 100644 --- a/views/rss/river/item/list.php +++ b/views/rss/river/item/list.php @@ -13,7 +13,7 @@ ),false,false,'default');
$time = date("r",$item->posted);
if ($entity = get_entity($item->object_guid)) {
- $url = str_replace('&','&',$entity->getURL());
+ $url = htmlspecialchars($entity->getURL());
} else {
$url = $vars['url'];
}
|