From 4ede3db3a71276ce607c3f48e76c9fb9ad9ba1ad Mon Sep 17 00:00:00 2001
From: Georgi Nikolov
Date: Sat, 8 Feb 2025 18:39:15 +0200
Subject: Added sanitization of the url that is given to the archive script
---
 controllers/archive.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'controllers/archive.php')
diff --git a/controllers/archive.php b/controllers/archive.php
index 80c8b1f..54f5f4a 100644
--- a/controllers/archive.php
+++ b/controllers/archive.php
@@ -17,7 +17,7 @@ function on_post() {
 $WEBSITE_CATEGORY = 'url';
 $DOWNLOADS_FOLDER = getenv('ARCHIVES_DIR');
- $website_url = $_POST[$WEBSITE_CATEGORY];
+ $website_url = htmlspecialchars($_POST[$WEBSITE_CATEGORY]);
 $uid = 1;
 $authorized = false;
 if ($TOKEN !== "") {
--
cgit v1.2.3
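Review bot: `htmlspecialchars()` on the added line is HTML output encoding, not URL validation, so it does not constrain what the archive script receives: the scheme and host stay unchecked, characters that matter outside an HTML context pass through unchanged, and every `&` in a legitimate query string is rewritten to `&amp;`, which alters the URL that gets archived. The uses of `$website_url` lie outside this hunk (the body of `on_post()` continues past it), so which sinks the value reaches is not visible here; if it is handed to a downloader or a command line, it should be validated at input and escaped at each sink instead. I would replace the line with `$website_url = filter_var($_POST[$WEBSITE_CATEGORY] ?? '', FILTER_VALIDATE_URL);` and reject the request when the result is `false` or `parse_url($website_url, PHP_URL_SCHEME)` is not `http` or `https`, keeping `htmlspecialchars()` for the point where the value is echoed into HTML and `escapeshellarg()` for any shell argument. The `?? ''` also covers a missing or array-valued `url` field, which the current line passes straight into `htmlspecialchars()`.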