diff options
| author | Thomas Bruederli <thomas@roundcube.net> | 2013-02-14 23:23:51 +0100 |
|---|---|---|
| committer | Thomas Bruederli <thomas@roundcube.net> | 2013-02-14 23:23:51 +0100 |
| commit | cbb695a6de0f5cea9c78fc4bb700c0a6852f9a48 (patch) | |
| tree | 4c09a475fd2ae5dfdb5e59c84bf828117787e92a | |
| parent | 4279dd18eec644a3ee223c029d86692f2f2f3ce8 (diff) | |
Correctly quote spell text contents inside the xml container
| -rw-r--r-- | program/lib/Roundcube/rcube_spellchecker.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/program/lib/Roundcube/rcube_spellchecker.php b/program/lib/Roundcube/rcube_spellchecker.php index 3d4d3a3d6..d4f23d18a 100644 --- a/program/lib/Roundcube/rcube_spellchecker.php +++ b/program/lib/Roundcube/rcube_spellchecker.php @@ -354,7 +354,7 @@ class rcube_spellchecker $gtext = '<?xml version="1.0" encoding="utf-8" ?>' .'<spellrequest textalreadyclipped="0" ignoredups="0" ignoredigits="1" ignoreallcaps="1">' - .'<text>' . $gtext . '</text>' + .'<text>' . htmlspecialchars($gtext) . '</text>' .'</spellrequest>'; $store = ''; |