From ed72fd1766ebb3e729f109e1ce45238acc89c7bd Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Thu, 8 Jun 2023 12:13:24 +0200
Subject: [PATCH 1/2] exclude password fields from being filtered/escaped by
 AntiXSS, fixes #1150

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 lib/Froxlor/PhpHelper.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/lib/Froxlor/PhpHelper.php b/lib/Froxlor/PhpHelper.php
index f5ee8089..7e08e2b5 100644
--- a/lib/Froxlor/PhpHelper.php
+++ b/lib/Froxlor/PhpHelper.php
@@ -449,7 +449,15 @@ class PhpHelper
 			'ssl_specialsettings',
 			'default_vhostconf_domain',
 			'ssl_default_vhostconf_domain',
-			'filecontent'
+			'filecontent',
+			'admin_password',
+			'password',
+			'new_customer_password',
+			'privileged_password',
+			'email_password',
+			'directory_password',
+			'ftp_password',
+			'mysql_password',
 		];
 		if (!empty($global)) {
 			$tmp = $global;

From e0fa64f897713d8bc8fc367ae86cbc8c265180e9 Mon Sep 17 00:00:00 2001
From: Michael Kaufmann <d00p@froxlor.org>
Date: Thu, 8 Jun 2023 12:33:48 +0200
Subject: [PATCH 2/2] fix update-check unit-tests now that the current testing
 version is at 2.1.0-dev1

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
---
 tests/Froxlor/FroxlorTest.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/tests/Froxlor/FroxlorTest.php b/tests/Froxlor/FroxlorTest.php
index 1719256d..0190b5e9 100644
--- a/tests/Froxlor/FroxlorTest.php
+++ b/tests/Froxlor/FroxlorTest.php
@@ -19,11 +19,14 @@ class FroxlorTest extends TestCase
 
 		$json_result = Froxlor::getLocal($admin_userdata)->checkUpdate();
 		$result = json_decode($json_result, true)['data'];
-		$this->assertEquals(0, $result['isnewerversion']);
-		if (defined('DEV_FROXLOR') && DEV_FROXLOR == 1) {
-			$this->assertEquals("You already have the latest testing-version of Froxlor installed.", $result['additional_info']);
-		} else {
-			$this->assertEquals("You already have the latest version of Froxlor installed.", $result['additional_info']);
+		$this->assertContains($result['isnewerversion'] ?? -1, [0,1]);
+		$this->assertNotEmpty($result['version']);
+		if ($result['isnewerversion'] == 0) {
+			if (defined('DEV_FROXLOR') && DEV_FROXLOR == 1) {
+				$this->assertEquals("You already have the latest testing-version of Froxlor installed.", $result['additional_info']);
+			} else {
+				$this->assertEquals("You already have the latest version of Froxlor installed.", $result['additional_info']);
+			}
 		}
 	}
 }