From: Daniel Veillard <veillard@redhat.com>
Date: Fri, 3 Jul 2015 12:47:08 +0000 (+0800)
Subject: Avoid XSS vulnerability on the search engine
X-Git-Tag: v1.2.18-rc1~147
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d51876bc8e10d1f8872b28cea113b97018bddb1f;p=thirdparty%2Flibvirt.git

Avoid XSS vulnerability on the search engine

Raised by https://www.xssposed.org/incidents/69566/
Need to escape the user provided query before displaying it back
---

diff --git a/docs/search.php.code.in b/docs/search.php.code.in
index df25cd6578..84f87591d5 100644
--- a/docs/search.php.code.in
+++ b/docs/search.php.code.in
@@ -13,7 +13,7 @@
 
 <form action="<?php echo $_SERVER['PHP_SELF'], "?query=", rawurlencode($query) ?>"
       enctype="application/x-www-form-urlencoded" method="get">
-  <input name="query" type="text" size="50" value="<?php echo $query?>"/>
+  <input name="query" type="text" size="50" value="<?php echo htmlspecialchars($query, ENT_QUOTES, 'UTF-8')?>"/>
   <select name="scope">
     <option value="any">Search All</option>
     <option value="API" <?php if ($scope == 'API') print "selected='selected'"?>>Only the APIs</option>