Home Explore Help
Register Sign In
Apq
/
acme.sh
mirror of https://github.com/acmesh-official/acme.sh.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Merge pull request #5149 from Weishaupt/patch-1

Fix missing XML Escape in Password of INWX DNS API
neil 1 year ago
parent
beb31ab2fa fd461fe015
commit
dc341ef9c1
1 changed files with 12 additions and 1 deletions
Split View Show Diff Stats
  1. 12 1
      dnsapi/dns_inwx.sh

+ 12 - 1
dnsapi/dns_inwx.sh
View File 

@@ -163,6 +163,15 @@ _inwx_check_cookie() {
 
   return 1
 
 }
 
 
+_htmlEscape() {
 
+  local s
 
+  s=${1//&/&}
 
+  s=${s//</&lt;}
 
+  s=${s//>/&gt;}
 
+  s=${s//'"'/&quot;}
 
+  printf -- %s "$s"
 
+}
 
+
 
 _inwx_login() {
 
 
   if _inwx_check_cookie; then
 
@@ -170,6 +179,8 @@ _inwx_login() {
 
     return 0
 
   fi
 
 
+  XML_PASS=$(_htmlEscape "$INWX_Password")
 
+
 
   xml_content=$(printf '<?xml version="1.0" encoding="UTF-8"?>
 
   <methodCall>
 
   <methodName>account.login</methodName>
 
@@ -193,7 +204,7 @@ _inwx_login() {
 
     </value>
 
    </param>
 
   </params>
 
-  </methodCall>' "$INWX_User" "$INWX_Password")
 
+  </methodCall>' "$INWX_User" "$XML_PASS")
 
 
   response="$(_post "$xml_content" "$INWX_Api" "" "POST")"