From f4729db4f3035c276f4211e1a688e211ec1f5eb2 Mon Sep 17 00:00:00 2001
From: Khoa Nguyen <knd39@open.ac.uk>
Date: Mon, 19 Aug 2024 15:17:15 +0700
Subject: [PATCH] StudentQuiz: can we mitigate the potential XSS risks? #812360

---
 lib.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/lib.php b/lib.php
index c0bac58d..5b322f3c 100755
--- a/lib.php
+++ b/lib.php
@@ -73,6 +73,17 @@ function studentquiz_supports($feature) {
     }
 }
 
+/**
+ * Callback immediately after require_login succeeds.
+ */
+function studentquiz_after_require_login() {
+    global $PAGE, $CFG;
+
+    if ($PAGE->activityname === 'studentquiz') {
+        $CFG->forceclean = true;
+    }
+}
+
 /**
  * Saves a new instance of the StudentQuiz into the database
  *