Firewall Alias Item Double Quotation Mark Causes ACL Display Issue

Gram

It looks like the double quote character isn't properly escaped on Firewall Alias list items. It causes some issues when viewing the ACL.

Working without double quotation:

Broken with double quotation:

Screenshot_20160402_160051.png_thumb

Screenshot_20160402_160129.png_thumb

Screenshot_20160402_160345.png_thumb

Screenshot_20160402_160424.png_thumb

JorgeOliveira

Hello,

I have dug a little on the issue and seems certain parts of the GUI don't have calls to htmlspecialchars and such may cause this problem.

I'd advise the following change on /usr/local/www/guiconfig.inc line 1115:

$content .= 			$alias_details[$idx];

To

$content .= 			htmlspecialchars($alias_details[$idx]);

This may fix the issue you're seeing and hopefully not cause any drawbacks.

Regards,
Jorge M. Oliveira

Steve_B

Thanks.

The suggested fix has been applied.