Changeset 3152421

Timestamp:

09/16/2024 07:36:22 AM (15 months ago)

Author:

zoho

Message:

Changed url sanitization method esc_url() to esc_url_raw() since & is encoded in url param

Location:

zoho-forms

Files:

• tags/4.0.1/zohoForms.php (modified) (2 diffs)
• tags/4.0.2 (copied) (copied from zoho-forms/tags/4.0.1)
• tags/4.0.2/readme.txt (modified) (2 diffs)
• tags/4.0.2/zohoForms.php (modified) (3 diffs)
• trunk/readme.txt (modified) (1 diff)

zoho-forms/tags/4.0.1/zohoForms.php

@@ -53 +53 @@
     }
     $iframeJsCode = 'var f = document.createElement("iframe");
-             f.src = "'.esc_url($src).'";
+             f.src = "'.esc_url_raw($src).'";
              f.style.border="none";
              f.style.height="'.esc_attr($height).'";
@@ -87 +87 @@
     $src.='?'.$urlParams;
   }
-  return '<iframe height="'.esc_attr($height).'" width="'.esc_attr($width).'" frameborder="0" allowTransparency="true" scrolling="auto" src="'.esc_url($src).'"> </iframe>';  
+  return '<iframe height="'.esc_attr($height).'" width="'.esc_attr($width).'" frameborder="0" allowTransparency="true" scrolling="auto" src="'.esc_url_raw($src).'"> </iframe>';  
 }  
 

zoho-forms/tags/4.0.2/readme.txt

@@ -109 +109 @@
 == Changelog ==
 
+= 4.0.2 =
+
+* Bug fixes.
+
 = 4.0.1 =
 
@@ -155 +159 @@
 == Upgrade Notice ==
 
-= 4.0.1 =
+= 4.0.2 =
 
-* Bug fixes and security updates.
+* Bug fixes.

zoho-forms/tags/4.0.2/zohoForms.php

@@ -5 +5 @@
 Plugin URI: http://wordpress.org/extend/plugins/zohoforms
 Description: Embed forms just about anywhere on your WordPress website. Concentrate on just your content and let us take care of the coding for you.
-Version: 4.0.1
+Version: 4.0.2
 Author: Zoho Forms
 Author URI: https://forms.zoho.com
@@ -53 +53 @@
     }
     $iframeJsCode = 'var f = document.createElement("iframe");
-             f.src = "'.esc_url($src).'";
+             f.src = "'.esc_url_raw($src).'";
              f.style.border="none";
              f.style.height="'.esc_attr($height).'";
@@ -87 +87 @@
     $src.='?'.$urlParams;
   }
-  return '<iframe height="'.esc_attr($height).'" width="'.esc_attr($width).'" frameborder="0" allowTransparency="true" scrolling="auto" src="'.esc_url($src).'"> </iframe>';  
+  return '<iframe height="'.esc_attr($height).'" width="'.esc_attr($width).'" frameborder="0" allowTransparency="true" scrolling="auto" src="'.esc_url_raw($src).'"> </iframe>';  
 }  
 

zoho-forms/trunk/readme.txt

@@ -6 +6 @@
 Requires at least: 2.8
 Tested up to: 4.9.6
-Stable tag: 4.0.1
+Stable tag: 4.0.2
 License: GPLv2 or later
 License URI: https://www.gnu.org/licenses/gpl-2.0.html