From be128e8158aac5a5c912bbf841bcf16b5d2399ff Mon Sep 17 00:00:00 2001
From: Thomas Citharel <tcit@tcit.fr>
Date: Mon, 9 Jul 2018 10:56:09 +0200
Subject: [PATCH] Handle XSS issue on date poll slots

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
---
 app/inc/smarty.php              | 4 ++++
 tpl/create_date_poll_step_2.tpl | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/inc/smarty.php b/app/inc/smarty.php
index 487a72e2..ff77dde3 100644
--- a/app/inc/smarty.php
+++ b/app/inc/smarty.php
@@ -77,6 +77,10 @@ function smarty_modifier_html($html) {
     return Utils::htmlEscape($html);
 }
 
+function smarty_modifier_html_special_chars($html) {
+    return Utils::htmlMailEscape($html);
+}
+
 function smarty_modifier_datepicker_path($lang) {
     $i = 0;
     while (!is_file(path_for_datepicker_locale($lang)) && $i < 3) {
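Review bot: The new modifier `smarty_modifier_html_special_chars` is named after htmlspecialchars but delegates to `Utils::htmlMailEscape`, and the file already exposes `smarty_modifier_html` wrapping `Utils::htmlEscape` just above it, so a reader cannot tell from this hunk why a second escaping helper is needed or how the two differ. Since the template that uses it places the value inside a double-quoted `value="…"` attribute, the helper has to escape `"` (and ideally `'`) as well as `<`/`&`; whether `Utils::htmlMailEscape` does that is not visible here and should be confirmed. A short docblock would settle both points, e.g. `/** Smarty modifier |html_special_chars: escapes a user-supplied value for use inside an HTML attribute (delegates to Utils::htmlMailEscape, which must cover both quote characters). */`, together with a sentence on why `|html` was not sufficient.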
diff --git a/tpl/create_date_poll_step_2.tpl b/tpl/create_date_poll_step_2.tpl
index da8b3554..b68bc5a9 100644
--- a/tpl/create_date_poll_step_2.tpl
+++ b/tpl/create_date_poll_step_2.tpl
@@ -70,7 +70,7 @@
                                     <div class="col-sm-2">
                                         <label for="d{$i}-h{$j}" class="sr-only control-label">{__('Generic', 'Time')} {$j+1}</label>
                                         <input type="text" class="form-control hours" title="{$day_value} - {__('Generic', 'Time')} {$j+1}"
-                                               placeholder="{__('Generic', 'Time')} {$j+1}" id="d{$i}-h{$j}" name="horaires{$i}[]" value="{$slot}"/>
+                                               placeholder="{__('Generic', 'Time')} {$j+1}" id="d{$i}-h{$j}" name="horaires{$i}[]" value="{$slot|html_special_chars}"/>
                                     </div>
                                 {/foreach}
 
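Review bot: Only `{$slot}` gets the new modifier, while the `title` attribute on the same `<input>` two lines above still interpolates `{$day_value}` unescaped inside double quotes; if that label comes from the same user-submitted poll data (it appears to, since it is the per-day value of the enclosing loop), it is the same attribute-injection vector and should be escaped the same way: `title="{$day_value|html_special_chars} - {__('Generic', 'Time')} {$j+1}"`. Because both interpolations sit in double-quoted attributes, the modifier must at minimum encode `"` for the fix to be effective, which is worth confirming against `Utils::htmlMailEscape`. The enclosing `{foreach}` begins outside the hunk, so other uses of `$slot` or `$day_value` in this template are not visible here.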
-- 
GitLab