diff options
| author | Luke Pulverenti <luke.pulverenti@gmail.com> | 2013-11-08 16:39:57 -0500 |
|---|---|---|
| committer | Luke Pulverenti <luke.pulverenti@gmail.com> | 2013-11-08 16:39:57 -0500 |
| commit | ecc89234458e4a01e9362cce86934dd35deb6879 (patch) | |
| tree | 93f28782886bd59846f7b17239edde6c50d0af2a | |
| parent | 04f165283bb383a9bb7b339444c693a559a57be9 (diff) | |
encode review input
| -rw-r--r-- | MediaBrowser.Api/PackageReviewService.cs | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/MediaBrowser.Api/PackageReviewService.cs b/MediaBrowser.Api/PackageReviewService.cs index cb3c80a83..e0d52ee8a 100644 --- a/MediaBrowser.Api/PackageReviewService.cs +++ b/MediaBrowser.Api/PackageReviewService.cs @@ -1,5 +1,6 @@ using System.Collections.Generic; using System.Globalization; +using System.Net; using System.Threading; using System.Threading.Tasks; using MediaBrowser.Common.Constants; @@ -140,13 +141,16 @@ namespace MediaBrowser.Api public void Post(CreateReviewRequest request) { + var reviewText = WebUtility.HtmlEncode(request.Review ?? string.Empty); + var title = WebUtility.HtmlEncode(request.Title ?? string.Empty); + var review = new Dictionary<string, string> { { "id", request.Id.ToString(CultureInfo.InvariantCulture) }, { "mac", _netManager.GetMacAddress() }, { "rating", request.Rating.ToString(CultureInfo.InvariantCulture) }, { "recommend", request.Recommend.ToString() }, - { "title", request.Title }, - { "review", request.Review }, + { "title", title }, + { "review", reviewText }, }; Task.WaitAll(_httpClient.Post(Constants.MbAdminUrl + "/service/packageReview/update", review, CancellationToken.None)); |