diff options
author | jim-p <jimp@pfsense.org> | 2011-10-11 15:35:33 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2011-10-11 15:37:00 -0400 |
commit | e696bc409f773579808ebf0e2e9bd03ae17d1f1a (patch) | |
tree | 027a22f54500f0cfb1e0667ba76ab0693817a746 /config/autoconfigbackup | |
parent | 77fd0fadbb154fd07ccf8b44a7ab59f519abff8e (diff) | |
download | pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.tar.gz pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.tar.bz2 pfsense-packages-e696bc409f773579808ebf0e2e9bd03ae17d1f1a.zip |
Run the decrypted backup through htmlentities, otherwise things like & in the actual config get turned into their decoded counterparts (&, ", etc) and if that result is copy/pasted, saved, and restored, it is invalid XML and gets tossed out.
Diffstat (limited to 'config/autoconfigbackup')
-rw-r--r-- | config/autoconfigbackup/autoconfigbackup.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.php b/config/autoconfigbackup/autoconfigbackup.php index e43620c4..5ebe8e20 100644 --- a/config/autoconfigbackup/autoconfigbackup.php +++ b/config/autoconfigbackup/autoconfigbackup.php @@ -267,7 +267,7 @@ EOF; $configtype = "Encrypted"; if (!tagfile_deformat($data, $data, "config.xml")) $input_errors[] = "The downloaded file does not appear to contain an encrypted pfSense configuration."; - $data = decrypt_data($data, $decrypt_password); + $data = htmlentities(decrypt_data($data, $decrypt_password)); if(!strstr($data, "pfsense")) { $data = "Could not decrypt. Different encryption key?"; $input_errors[] = "Could not decrypt config.xml"; |