From e836c6b87049b2e052b9ac07afcdac566c23b09b Mon Sep 17 00:00:00 2001
From: Shish <shish@shishnet.org>
Date: Mon, 26 Jul 2010 17:32:07 +0100
Subject: [PATCH] close an xss hole

---
 contrib/rss_images/main.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/contrib/rss_images/main.php b/contrib/rss_images/main.php
index c75817df..6b112d1e 100644
--- a/contrib/rss_images/main.php
+++ b/contrib/rss_images/main.php
@@ -16,7 +16,7 @@ class RSS_Images extends Extension {
 			$title = $config->get_string('title');
 
 			if(count($event->search_terms) > 0) {
-				$search = implode(' ', $event->search_terms);
+				$search = html_escape(implode(' ', $event->search_terms));
 				$page->add_header("<link id=\"images\" rel=\"alternate\" type=\"application/rss+xml\" ".
 					"title=\"$title - Images with tags: $search\" href=\"".make_link("rss/images/$search/1")."\" />");
 			}