Bug #25961

HTML should be escaped in the pre output of DebugExceptionHandler

Added by Aske Ertmann over 10 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Should have
Category:
Error
Start date:
2011-04-14
Due date:
% Done:

0%

Estimated time:
PHP Version:
Has patch:
No
Complexity:

Description

I noticed this today when doing some debugging. Seems the html outputted in the pre tags isn't escaped..

<pre>00173:    echo '<html><body><textarea>' . $response . '</textarea></body></html>';
00174:   } else {

</pre>

Files

DebugExceptionHandler.jpg (394 KB) DebugExceptionHandler.jpg Aske Ertmann, 2011-04-14 13:47

Also available in: Atom PDF