friendica/view/templates/field_openid.tpl
Hypolite Petovan 6f9e15ea57 Remove escaping exception for form field values
- This could allow code injection from a malicious query leading to a form page
- Thanks to Laura Pîrcălăboiu for the report
2023-08-02 16:30:48 +02:00

8 lines
405 B
Smarty

<div class='field input openid' id='wrapper_{{$field.0}}'>
<label for='id_{{$field.0}}'>{{$field.1}}</label>
<input name='{{$field.0}}' id='id_{{$field.0}}' type="text" value="{{$field.2}}" {{if $field.4}} readonly="readonly" {{/if}} aria-describedby='{{$field.0}}_tip'>
{{if $field.3}}
<span class="field_help" role="tooltip" id="{{$field.0}}_tip">{{$field.3 nofilter}}</span>
{{/if}}
</div>