See updates for Pull request changes #5

Open
derkmdt wants to merge 2 commits into ccoenraets:master from derkmdt:master

@derkmdt derkmdt commented Mar 13, 2014

No description provided.

derkmdt added 2 commits March 13, 2014 17:22
According to a comment on http://coenraets.org/blog/2011/12/restful-services-with-jquery-php-and-the-slim-framework/ this has an XSS-hole pattern:
----------
line 25:
echo '{"error":{"text":'. $e->getMessage() .'}}';

secure:
$data = array('error'=> array('text'=>$e->getMessage()));
echo json_encode($data);
----------
bad:
echo '{"wine": ' . json_encode($wines) . '}';

better:
$data = array('wine' => $wines);
echo json_encode($data);
----------

So these changes reflect this.
Changed single quote ' character
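
An added example (not code from this pull request) comparing the concatenated error body with the json_encode() form quoted in the commit message. The function names, the sample exception message and the JSON_HEX_* variant are assumptions introduced here.

```php
<?php
// Added example; function names are hypothetical, not from the repository.

// Pattern the commit replaces: the message is spliced into the body as-is.
function concatenated_error_body(string $message): string
{
    return '{"error":{"text":' . $message . '}}';
}

// Pattern the commit introduces: the encoder quotes and escapes the string.
function encoded_error_body(string $message): string
{
    return json_encode(array('error' => array('text' => $message)));
}

// Assumption beyond the commit: also emit <, >, &, ' and " as \uXXXX so the
// body carries no markup characters even if something renders it as HTML.
function hardened_error_body(string $message): string
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    return json_encode(array('error' => array('text' => $message)), $flags);
}

// Constructed sample: an exception message carrying quotes and markup.
$message = 'Unknown column "<b>name</b>" in \'field list\'';

$builders = array(
    'concatenated_error_body',
    'encoded_error_body',
    'hardened_error_body',
);

foreach ($builders as $fn) {
    $body = $fn($message);
    // json_decode() returns null when the body is not well-formed JSON.
    $parses = json_decode($body, true) !== null;
    // A literal '<' means markup from the message reached the body unescaped.
    $hasTag = strpos($body, '<') !== false;
    printf(
        "%s\n  body: %s\n  parses as JSON: %s\n  contains '<': %s\n",
        $fn,
        $body,
        $parses ? 'yes' : 'no',
        $hasTag ? 'yes' : 'no'
    );
}
```

Independent of the encoder flags, sending the response with `Content-Type: application/json` keeps a browser from interpreting the body as HTML.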