WordPress.org
Get WordPress

Plugin Directory

Changeset 1169560


Ignore:
Timestamp:
05/28/2015 06:58:09 PM (11 years ago)
Author:
kyleabaker
Message:

v1.0.6

  • Fixed XSS security vulnerability
Location:
wp-useragent/trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • wp-useragent/trunk/readme.txt

    r1014529 r1169560  
    44Tags: useragent, user-agent, user agent, web, browser, web browser, operating system, platform, os, mac, apple, windows, win, linux, phone
    55Requires at least: 2.0
    6 Tested up to: 4.0
    7 Stable tag: 1.0.5
     6Tested up to: 4.2.2
     7Stable tag: 1.0.6
    88
    99== Description ==
     
    6666
    6767== Changelog ==
     68
     69= v1.0.6 =
     70* Fixed XSS security vulnerability
     71
    6872
    6973= v1.0.5 =
     
    597601== Upgrade Notice ==
    598602
    599 = v1.0.5 =
    600 * Added height and width attributes to icons to fix an issue with 'Simple Lazyload' (props: Yu)
     603= v1.0.6 =
     604* Fixed XSS security vulnerability

  • wp-useragent/trunk/wp-useragent.php

    r1014529 r1169560  
    44Plugin URI: http://kyleabaker.com/goodies/coding/wp-useragent/
    55Description: A simple User-Agent detection plugin that lets you easily insert icons and/or textual web browser and operating system details with each comment.
    6 Version: 1.0.5
     6Version: 1.0.6
    77Author: Kyle Baker
    88Author URI: http://kyleabaker.com/
     
    1111*/
    1212
    13 /* Copyright 2008-2014  Kyle Baker  (email: [email protected])
     13/* Copyright 2008-2015  Kyle Baker  (email: [email protected])
    1414    //Copyright 2008  Fernando Briano  (email : [email protected])
    1515
     
    129129
    130130    // Where should we display the useragent output?
    131     $useragent=$comment->comment_agent;
     131    $useragent=wp_strip_all_tags($comment->comment_agent, false);
    132132    if($ua_output_location=="before")
    133133    {
     
    245245
    246246        // Attach the full ua string to the output.
    247         $ua.="<small>".htmlspecialchars($comment->comment_agent)."</small>";
     247        $ua.="<small>".htmlspecialchars(wp_strip_all_tags($comment->comment_agent, false))."</small>";
    248248    }
    249249
     
    263263    {
    264264        get_currentuserinfo();
    265         $useragent=$comment->comment_agent;
     265        $useragent=wp_strip_all_tags($comment->comment_agent, false);
    266266        display_useragent();
    267267    }
Note: See TracChangeset for help on using the changeset viewer.