XWIKI-20672: Sanitize template URLs

surli · surli · commit 13875a6437d4 · 2023-02-22T09:46:27.000+01:00
diff --git a/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/delete.vm b/xwiki-platform-core/xwiki-platform-flamingo/xwiki-platform-flamingo-skin/xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/delete.vm
@@ -307,9 +307,9 @@
   </div>
   <button class="btn btn-danger confirm">$escapetool.xml($services.localization.render('delete'))</button>
   #if("$!{request.xredirect}" != '')
-    #set($cancelUrl = "$request.xredirect")
+    #getSanitizedURLAttributeValue('a','href',$request.xredirect,$doc.getURL(),$cancelUrl)
   #else
-    #set($cancelUrl = $doc.getURL())
+    #set($cancelUrl = $escapetool.xml($doc.getURL()))
   #end
   <a class="btn btn-default cancel" href="$!{escapetool.xml(${cancelUrl})}">$escapetool.xml($services.localization.render('cancel'))</a>
 #end
