Sanitize user input on all API routes (references #996)

2025-08-15 10:14:39 +00:00 · 2020-10-14 22:49:29 +02:00
parent 7b8438bfa2
commit c11001467b
12 changed files with 98 additions and 28 deletions
--- a/controllers/TasksApiController.php
+++ b/controllers/TasksApiController.php
@@ -15,7 +15,7 @@ class TasksApiController extends BaseApiController
 	{
 		User::checkPermission($request, User::PERMISSION_TASKS_MARK_COMPLETED);

-		$requestBody = $request->getParsedBody();
+		$requestBody = $this->GetParsedAndFilteredRequestBody($request);

 		try
 		{