Use strip_tags in post request too
This commit is contained in:
parent
5f42326514
commit
74b9324001
1 changed files with 3 additions and 3 deletions
|
@ -1389,11 +1389,11 @@ App::post('/v1/account/sessions/phone')
|
|||
$messageContent
|
||||
->setParam('{{project}}', $project->getAttribute('name'))
|
||||
->setParam('{{secret}}', $secret);
|
||||
$messageContent = \strip_tags($messageContent->render());
|
||||
$message = $message->setParam('{{token}}', $messageContent);
|
||||
|
||||
$message = $message->setParam('{{token}}', $messageContent->render(true, Template::FILTER_ESCAPE));
|
||||
$message = $message->render();
|
||||
|
||||
|
||||
$messageDoc = new Document([
|
||||
'$id' => $token->getId(),
|
||||
'data' => [
|
||||
|
@ -3122,8 +3122,8 @@ App::post('/v1/account/verification/phone')
|
|||
->setParam('{{project}}', $project->getAttribute('name'))
|
||||
->setParam('{{secret}}', $secret);
|
||||
$messageContent = \strip_tags($messageContent->render());
|
||||
|
||||
$message = $message->setParam('{{token}}', $messageContent);
|
||||
|
||||
$message = $message->render();
|
||||
|
||||
$messageDoc = new Document([
|
||||
|
|
Loading…
Reference in a new issue