Commit 57ce0341 authored by Mike Keran's avatar Mike Keran
Browse files

Issue #2918762 by mikeker, tatarbj: XSS issues with "Enable secondary exposed...

Issue #2918762 by mikeker, tatarbj: XSS issues with "Enable secondary exposed form options" for users with Administer Views permissions
parent 69b8fc83
......@@ -849,7 +849,7 @@ dateFormat: "dd-mm-yy"
$secondary = array(
'#type' => 'fieldset',
'#title' => $settings['general']['secondary_label'],
'#title' => filter_xss_admin($settings['general']['secondary_label']),
'#collapsible' => TRUE,
'#collapsed' => $secondary_collapse,
'#theme' => 'secondary_exposed_elements',
......@@ -1048,7 +1048,7 @@ dateFormat: "dd-mm-yy"
'#type' => 'fieldset',
'#collapsible' => TRUE,
'#collapsed' => TRUE,
'#title' => $settings['sort']['advanced']['collapsible_label'],
'#title' => filter_xss_admin($settings['sort']['advanced']['collapsible_label']),
);
foreach ($sort_elems as $elem) {
$form['bef_sort_options'][$elem] = $form[$elem];
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment