From 34651c481154f405affaef20af7b506114c9a69c Mon Sep 17 00:00:00 2001
From: phpnut
Date: Sat, 5 Aug 2006 22:59:01 +0000
Subject: [PATCH] Adding fix for Ticket #1272 Fixes exploit with XSS and DEBUG === 0
git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@3362 3807eeeb-6ff5-0310-8944-8be069107fe0
---
 cake/libs/error.php | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/cake/libs/error.php b/cake/libs/error.php
index a17643a60..3b65f7940 100644
--- a/cake/libs/error.php
+++ b/cake/libs/error.php
@@ -26,6 +26,7 @@
 * @lastmodified $Date$
 * @license http://www.opensource.org/licenses/mit-license.php The MIT License
 */
+uses('sanitize');
 /**
 * Short description for file.
 *
@@ -47,6 +48,8 @@ class ErrorHandler extends Object{
 function __construct($method, $messages) {
 parent::__construct();
 static $__previousError = null;
+$clean = new Sanitize();
+$messages = $clean->paranoid($messages, array('.'));
 $this->__dispatch =& new Dispatcher();
 if ($__previousError != array($method, $messages)) {
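Review bot: The `paranoid($messages, array('.'))` call added in `ErrorHandler::__construct` filters the input instead of encoding it where it is printed, and it runs for every error regardless of the DEBUG level named in the commit message. Assuming `paranoid()` strips everything outside alphanumerics and the allow-list, only `.` survives, so slashes, underscores, spaces and hyphens in file paths, class names and URLs are removed from every message, which degrades the debug pages and may break code that later uses these values as names. `$method` is not filtered here, and any value an error template prints that does not arrive through `$messages` stays unescaped, so the templates should still HTML-encode on output (e.g. `htmlspecialchars($value, ENT_QUOTES)`). At minimum add a comment above the call such as `// Request-derived values reach the error views; strip markup characters before they are rendered.` and widen the allow-list to the characters legitimate messages need. The constructor body continues outside the hunk.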