diff options
| author | Dries Buytaert <dries@buytaert.net> | 2010-08-22 11:04:09 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2010-08-22 11:04:09 +0000 |
| commit | ee691c593adfaf4c8046cf6ee2bc9796a28a1448 (patch) | |
| tree | f9d1237359050e35d9c977fa16b06a99ad3dfe84 /modules/system/system.module | |
| parent | c72614b01e595eb52e60905fafa74e05ddbe5f9d (diff) | |
| download | brdo-ee691c593adfaf4c8046cf6ee2bc9796a28a1448.tar.gz brdo-ee691c593adfaf4c8046cf6ee2bc9796a28a1448.tar.bz2 | |
- Patch #887102 by Heine: trigger and action escaping issues. Critical bug fix.
Diffstat (limited to 'modules/system/system.module')
| -rw-r--r-- | modules/system/system.module | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/system/system.module b/modules/system/system.module index d19c02912..85175c9f0 100644 --- a/modules/system/system.module +++ b/modules/system/system.module @@ -3062,7 +3062,7 @@ function system_message_action(&$entity, $context = array()) { $context['node'] = $entity; } - $context['message'] = token_replace($context['message'], $context); + $context['message'] = token_replace(filter_xss_admin($context['message']), $context); drupal_set_message($context['message']); } |