Commit 11e13d16 authored by Michael Hawkins's avatar Michael Hawkins Committed by Jenkins

MDL-69911 core: Clean content passed through TeX filter

parent ce87be7d
......@@ -189,6 +189,9 @@ class filter_tex extends moodle_text_filter {
continue;
}
// Sanitize the decoded string, because filter_text_image() injects the final string between script tags.
$texexp = clean_param($texexp, PARAM_TEXT);
$md5 = md5($texexp);
if (!$DB->record_exists("cache_filters", array("filter"=>"tex", "md5key"=>$md5))) {
$texcache = new stdClass();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment