Wiki source for Mod027bCodeFormatterInsecurity
==== Wikka Mod 027 ====
Type: Bug Fix
----
===Credit:===
**""PsychoMark""**
[[http://web.archive.org/web/20040822010046/http://www.wakkawiki.com/WakkaCustomization | WakkaCustomization @ WakkaWiki]]
----
**formatters\code.php**
New:
%%(php)
<?php
print("<pre>".htmlentities($text)."</pre>");
?>
%%
Old:
%%(php)
<?php
print("<pre>".$text."</pre>");
?>
%%
HTML codes in code blocks are not escaped by default. This caused me some problems with posting an XML snippet, so I changed formatters\code.php.
It's not like I'll be using HTML codes in code blocks anyways :)
""-- PsychoMark""
Type: Bug Fix
----
===Credit:===
**""PsychoMark""**
[[http://web.archive.org/web/20040822010046/http://www.wakkawiki.com/WakkaCustomization | WakkaCustomization @ WakkaWiki]]
----
**formatters\code.php**
New:
%%(php)
<?php
print("<pre>".htmlentities($text)."</pre>");
?>
%%
Old:
%%(php)
<?php
print("<pre>".$text."</pre>");
?>
%%
HTML codes in code blocks are not escaped by default. This caused me some problems with posting an XML snippet, so I changed formatters\code.php.
It's not like I'll be using HTML codes in code blocks anyways :)
""-- PsychoMark""
