From ba4eb366c70ae50f623f9fd4a3c98431daaefad0 Mon Sep 17 00:00:00 2001 From: RiversideRocks <59586759+RiversideRocks@users.noreply.github.com> Date: Wed, 30 Sep 2020 09:03:40 -0400 Subject: [PATCH] Prevent XSS --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.php b/index.php index 86bb876..aa325b3 100644 --- a/index.php +++ b/index.php @@ -7,7 +7,7 @@ header('Content-Type: text/plain'); $text = "Set a message by adding ?message= to the URL"; if(isset($_GET['message']) && $_GET['message'] != '') { - $text = $_GET['message']; + $text = htmlspecialchars($_GET['message']); } $cow = Farm::create(\Cowsayphp\Farm\Cow::class);
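Review bot: The added `htmlspecialchars($_GET['message'])` call escapes for HTML, but the `header('Content-Type: text/plain');` line shown in this hunk declares the response as plain text, so a message such as `a < b` will now be printed with a literal `&lt;` in it. If the concern is a browser sniffing the body as HTML, the control that fits a text/plain response is `header('X-Content-Type-Options: nosniff');` next to the existing header call, with `$text` left unescaped. If the output is ever served as HTML, escape at the point where it is written and pass the arguments explicitly, `htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, because the default flags before PHP 8.1 leave single quotes unescaped. The new call also assumes a string, while `?message[]=x` delivers an array, so an `is_string($_GET['message'])` test in the `if` condition would be worth adding. The code that prints `$text` lies outside the hunk, so the output context is inferred from the header line alone.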