summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--common/contrib/autologout/SA-CONTRIB-2017-081.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/common/contrib/autologout/SA-CONTRIB-2017-081.patch b/common/contrib/autologout/SA-CONTRIB-2017-081.patch
new file mode 100644
index 0000000..062d0f0
--- /dev/null
+++ b/common/contrib/autologout/SA-CONTRIB-2017-081.patch
@@ -0,0 +1,28 @@
+diff --git a/autologout.admin.inc b/autologout.admin.inc
+index 8e5583a..abdce81 100644
+--- a/autologout.admin.inc
++++ b/autologout.admin.inc
+@@ -86,7 +86,9 @@ function autologout_settings() {
+ '#title' => t('Message to display to the user after they are logged out.'),
+ '#default_value' => variable_get('autologout_inactivity_message', 'You have been logged out due to inactivity.'),
+ '#size' => 40,
+- '#description' => t('This message is displayed after the user was logged out due to inactivity. You can leave this blank to show no message to the user.'),
++ '#description' => t('This message is displayed after the user was logged out due to inactivity. You can leave this blank to show no message to the user.')
++ . ' ' . t('This text will passed through <a href="!url">filter_xss</a>.',
++ array('!url' => "https://api.drupal.org/api/drupal/includes%21common.inc/function/filter_xss/6.x")),
+ );
+
+ $form['autologout_use_watchdog'] = array(
+diff --git a/autologout.module b/autologout.module
+index 91587a4..db36289 100644
+--- a/autologout.module
++++ b/autologout.module
+@@ -700,7 +700,7 @@ function _autologout_logout_role($user) {
+ function _autologout_inactivity_message() {
+ $message = variable_get('autologout_inactivity_message', 'You have been logged out due to inactivity.');
+ if (!empty($message)) {
+- drupal_set_message(t($message));
++ drupal_set_message(filter_xss(t($message)));
+ }
+ }
+