diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2019-12-05 15:55:20 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2020-01-09 10:57:25 +0000 |
| commit | ba9efbd5b0bca630ecd6299240992efc3422dfca (patch) | |
| tree | 0ca290ee8e9b399e7dc5fd42adbed7161c79a06b /perllib/FixMyStreet/App/Controller/Admin | |
| parent | c4961f186e1bf5b9f14fa51e99c37bc013dd8e37 (diff) | |
Scrub admin description fields.
Diffstat (limited to 'perllib/FixMyStreet/App/Controller/Admin')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin/Bodies.pm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin/Bodies.pm b/perllib/FixMyStreet/App/Controller/Admin/Bodies.pm index ea03b146f..3b7739966 100644 --- a/perllib/FixMyStreet/App/Controller/Admin/Bodies.pm +++ b/perllib/FixMyStreet/App/Controller/Admin/Bodies.pm @@ -286,6 +286,7 @@ sub update_contact : Private { # Special form disabling form if ($c->get_param('disable')) { my $msg = $c->get_param('disable_message'); + $msg = FixMyStreet::Template::sanitize($msg); $errors{category} = _('Please enter a message') unless $msg; my $meta = { code => '_fms_disable_', |