Fix phpcbf style errors in part of code I didn't change

[friendica.git] / src / App / Page.php

diff --git a/src/App/Page.php b/src/App/Page.php
index 3c746ebccbe7d2e8861e5285709727e9634ceb03..e226252124fed000336299b23c859ccbdb48217f 100644 (file)
--- a/src/App/Page.php
+++ b/src/App/Page.php
@@ -73,6 +73,8 @@ class Page implements ArrayAccess
                'right_aside' => '',
                'template'    => '',
                'title'       => '',
+               'section'     => '',
+               'module'      => '',
        ];
        /**
         * @var string The basepath of the page
@@ -513,10 +515,15 @@ class Page implements ArrayAccess
 
                $page    = $this->page;
 
+               // add and escape some common but crucial content for direct "echo" in HTML (security)
+               $page['title']   = htmlspecialchars($page['title'] ?? '');
+               $page['section'] = htmlspecialchars($args->get(0) ?? 'generic');
+               $page['module']  = htmlspecialchars($args->getModuleName() ?? '');
+
                header("X-Friendica-Version: " . App::VERSION);
                header("Content-type: text/html; charset=utf-8");
 
-               if ($config->get('system', 'hsts') && ($baseURL->getSSLPolicy() == BaseURL::SSL_POLICY_FULL)) {
+               if ($config->get('system', 'hsts') && ($baseURL->getScheme() === 'https')) {
                        header("Strict-Transport-Security: max-age=31536000");
                }