fix #2094 검색과 관련된 입력 값에 대한 encode 적용

2026-04-22 03:42:18 +09:00 · 2017-05-23 13:36:00 +09:00 · 2017-05-23 13:36:00 +09:00 · 11707a8821
commit 11707a8821
parent 1c39d2b9cf
1 changed files with 1 additions and 1 deletions
--- a/classes/display/HTMLDisplayHandler.php
+++ b/classes/display/HTMLDisplayHandler.php
@ -74,7 +74,7 @@ class HTMLDisplayHandler

 		// SECISSUE https://github.com/xpressengine/xe-core/issues/1583
 		$oSecurity = new Security();
-		$oSecurity->encodeHTML('is_keyword');
+		$oSecurity->encodeHTML('is_keyword', 'search_keyword', 'search_target', 'order_target', 'order_type');

 		// add .x div for adminitration pages
 		if(Context::getResponseMethod() == 'HTML')