[562040] Provide support for donation from within the IDE
https://bugs.eclipse.org/bugs/show_bug.cgi?id=562040
Fix XSS vulnerability.
diff --git a/releng/org.eclipse.oomph.releng/www/donate/index.php b/releng/org.eclipse.oomph.releng/www/donate/index.php
index 6e9ded7..6a5fda8 100644
--- a/releng/org.eclipse.oomph.releng/www/donate/index.php
+++ b/releng/org.eclipse.oomph.releng/www/donate/index.php
@@ -102,13 +102,13 @@
$toggle_collapse = '<span style="font-size: 125%;" class="orange toggle-state-off">▷</span>';
$read_more = '<span style="font-size: 50%;" class="orange toggle-state-off"> read more...</span>';
-$scope = $_GET["scope"];
+$scope = htmlentities($_GET["scope"]);
if (!$scope)
{
$scope = "Eclipse IDE";
}
-$version = $_GET["version"];
+$version = htmlentities($_GET["version"]);
$version_label = "";
$version_parameter = "";
if (!$version)
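Review bot: The new `htmlentities($_GET["scope"])` and `htmlentities($_GET["version"])` calls rely on the default flags and assume each parameter is present and a string. Before PHP 8.1 the default flag set is `ENT_COMPAT`, which leaves single quotes unescaped, so a value written into a single-quoted attribute would not be protected; a missing key passes null (a notice, and deprecated from 8.1), and an array-valued parameter raises a TypeError on PHP 8. I would write `$scope = is_string($_GET["scope"] ?? null) ? htmlentities($_GET["scope"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8") : "";` and do the same for `$version` here and for `$campaign` in the next hunk. The places where these values are echoed are outside the hunk, so the quoting context should be confirmed there.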
@@ -122,7 +122,7 @@
}
$donate_parameter = "?scope=" . urlencode($scope);
-$campaign = $_GET["campaign"];
+$campaign = htmlentities($_GET["campaign"]);
if ($campaign)
{
$donate_parameter .= htmlentities("&campaign=") . urlencode($campaign);
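Review bot: `$scope` and `$campaign` are now entity-encoded before `urlencode()` is applied, so the donate link carries the escaped text instead of the original value: a scope such as `R&D` is sent as `R%26amp%3BD`. Escaping belongs at the point of output, so keep the raw request value for URL building, e.g. `$donate_parameter = "?scope=" . urlencode($raw_scope);` (variable name constructed for illustration), and apply `htmlentities()` only where the value is written into HTML. `urlencode()` output contains no HTML metacharacters, so the query-string values need no further escaping. The `if ($campaign)` block continues outside the hunk.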