| author | polo <ordipolo@gmx.fr> | 2022-03-10 03:12:58 +0100 |
|---|---|---|
| committer | polo <ordipolo@gmx.fr> | 2022-03-10 03:12:58 +0100 |
| commit | f331b3ab14f2b404c2089607aba2e2d434cd510d (patch) | |
| tree | 09ecb84aa9db383f661d9e9a064b0d3d13d40a8b /controller/Security.php | |
| parent | 608856e0853b7e1d9b9b43e69b2012227ccefb43 (diff) | |
fichiers index.php
Diffstat (limited to 'controller/Security.php')
| -rw-r--r-- | controller/Security.php | 6 |
1 files changed, 3 insertions, 3 deletions
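--- a/controller/Security.php
+++ b/controller/Security.php
@@ -1,9 +1,6 @@
 <?php
 // controller/Security.php
 
-// sécurité faille XSS avec htmLawed
-require('lib/htmlawed/htmLawed.php');
-
 class Security
 {
 private static $configHtmLawed = array(
@@ -16,6 +13,9 @@ class Security
 
 public static function secureString(string $chaine): string
 {
+// sécurité faille XSS avec htmLawed
+require('lib/htmlawed/htmLawed.php');
+
 $chaine = htmLawed($chaine, self::$configHtmLawed, self::$specHtmLawed);
 $chaine = trim($chaine); // supprimer espaces, tabulations et sauts de ligne en début et fin de chaine (pour l'entrée de l'éditeur)
 return $chaine;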
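Review bot: The plain `require` now sits inside `secureString()` (new lines 16–17), so it runs on every call, and a second call in the same request would include htmLawed.php again. That file is not shown here, but the upstream library declares its functions unconditionally, so PHP would stop with a "cannot redeclare" fatal error and the XSS filter would take the page down instead of sanitising the second string. Use `require_once` so the library is loaded only once. The relative path also resolves against include_path and the working directory rather than this file, so I would anchor it, e.g. `require_once __DIR__ . '/../lib/htmlawed/htmLawed.php';` (assuming lib/ sits beside controller/ — confirm against the tree). The closing brace of `secureString()` lies outside the hunk.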
