Fix logout iframe xss

ryanbrainard · ryanbrainard · commit 15ee7dca5743 · 2016-05-30T11:11:43.000+09:00
diff --git a/workbench/logout.php b/workbench/logout.php
@@ -17,7 +17,7 @@
 
         if (isset($_SESSION['oauth']['serverUrlPrefix']) && !empty($_SESSION['oauth']['serverUrlPrefix'])) {
             $redirectTime = 5000;
-            $uiLogoutIFrame = "<iframe src='". $_SESSION['oauth']['serverUrlPrefix'] .
+            $uiLogoutIFrame = "<iframe src='". htmlspecialchars($_SESSION['oauth']['serverUrlPrefix']) .
                               "/secur/logout.jsp' width='0' height='0' style='display:none;'></iframe>\n";
         }
     } else {

Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@`
`17`	`17`
`18`	`18`	`if (isset($_SESSION['oauth']['serverUrlPrefix']) && !empty($_SESSION['oauth']['serverUrlPrefix'])) {`
`19`	`19`	`$redirectTime = 5000;`
`20`		`- $uiLogoutIFrame = "<iframe src='". $_SESSION['oauth']['serverUrlPrefix'] .`
	`20`	`+ $uiLogoutIFrame = "<iframe src='". htmlspecialchars($_SESSION['oauth']['serverUrlPrefix']) .`
`21`	`21`	`"/secur/logout.jsp' width='0' height='0' style='display:none;'></iframe>\n";`
`22`	`22`	`}`
`23`	`23`	`} else {`