Fix reflected xss. Thanks to Dennis.

2025-07-01 23:36:00 +00:00 · 2022-05-21 16:09:08 +02:00 · 2022-05-21 16:09:08 +02:00 · 9ea83bf875
commit 9ea83bf875
parent 194715260d
1 changed files with 1 additions and 1 deletions
--- a/src/home.php
+++ b/src/home.php
@ -6,7 +6,7 @@
    $graphName = "";
    if (isset($_GET["graph"]))
    {
-        $graphId = $_GET["graph"];
+        $graphId = preg_replace( '/[\W]/', '', $_GET["graph"]);
        
        $graphSampleListFile = $g_config['graphSavePath'] . $g_config['graphExamplesFile'];