mirror of https://github.com/MISP/MISP
Merge branch 'hotfix-2.3.25' into develop
commit
2098c79549
|
@ -51,8 +51,8 @@ class EventShell extends AppShell
|
|||
} else {
|
||||
$file = new File($dir->pwd() . DS . 'misp.xml' . '.' . $org . '.xml');
|
||||
}
|
||||
$toEscape = array("&", "<");
|
||||
$escapeWith = array('&', '<');
|
||||
$toEscape = array("&", "<", ">", "\"", "'");
|
||||
$escapeWith = array('&', '<', '>', '"', ''');
|
||||
$file->write('<?xml version="1.0" encoding="UTF-8"?>' . PHP_EOL . '<response>');
|
||||
foreach ($eventIds as $k => $eventId) {
|
||||
$temp = $this->Event->fetchEvent($eventId['Event']['id'], null, $org, $isSiteAdmin, $this->Job->id);
|
||||
|
@ -60,6 +60,8 @@ class EventShell extends AppShell
|
|||
$result['Event']['Attribute'] = $result['Attribute'];
|
||||
$result['Event']['ShadowAttribute'] = $result['ShadowAttribute'];
|
||||
$result['Event']['RelatedEvent'] = $result['RelatedEvent'];
|
||||
$result['Event']['info'] = preg_replace ('/[^\x{0009}\x{000a}\x{000d}\x{0020}-\x{D7FF}\x{E000}-\x{FFFD}]+/u', ' ', $result['Event']['info']);
|
||||
$result['Event']['info'] = str_replace($toEscape, $escapeWith, $result['Event']['info']);
|
||||
|
||||
//
|
||||
// cleanup the array from things we do not want to expose
|
||||
|
|
Loading…
Reference in New Issue