bitPickups/ad-aures_castoPod
1
0
Fork 0
mirror of https://github.com/ad-aures/castopod.git synced 2026-04-04 15:26:43 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix(security): add csrf filter + prevent xss attacks by escaping user input

Browse source 
- update CI4 to v4.1.9's stable production package
- update php and js dependencies to latest
This commit is contained in:
Yassine Doghri 2022-03-04 14:33:48 +00:00
commit cd2e1e1dc3
182 changed files with 4410 additions and 4214 deletions
Download patch file Download diff file Expand all files Collapse all files

9
app/Controllers/MapController.php
View file

@ -34,6 +34,7 @@ class MapController extends BaseController
'cache_name' => $cacheName,
]);
}
return $found;
}
@ -50,19 +51,21 @@ class MapController extends BaseController
$found[] = [
'latitude' => $episode->location->latitude,
'longitude' => $episode->location->longitude,
'location_name' => $episode->location->name,
'location_name' => esc($episode->location->name),
'location_url' => $episode->location->url,
'episode_link' => $episode->link,
'podcast_link' => $episode->podcast->link,
'cover_url' => $episode->cover->thumbnail_url,
'podcast_title' => $episode->podcast->title,
'episode_title' => $episode->title,
'podcast_title' => esc($episode->podcast->title),
'episode_title' => esc($episode->title),
];
}
// The page cache is set to a decade so it is deleted manually upon episode update
cache()
->save($cacheName, $found, DECADE);
}
return $this->response->setJSON($found);
}
}