diff options
| -rw-r--r-- | conf/msg | 2 | ||||
| -rw-r--r-- | lib/exe/spellcheck.php | 3 |
2 files changed, 3 insertions, 2 deletions
@@ -1,4 +1,4 @@ -9 +10 The first line of this file contains a number, indicating which notification messages should not be displayed. This is the only information sent to dokuwiki.org when the diff --git a/lib/exe/spellcheck.php b/lib/exe/spellcheck.php index 65f80c5e8..aa1168136 100644 --- a/lib/exe/spellcheck.php +++ b/lib/exe/spellcheck.php @@ -272,7 +272,8 @@ function spell_resume(){ * Just send data back as received for UTF-8 testing */ function spell_utf8test(){ - print $_POST['data']; + // we need to return the raw value - substr protects against XSS + print substr($_POST['data'],0,3); } /** |