From cd3a9ec6a9a22fb3b46a293be7223f86b0006f24 Mon Sep 17 00:00:00 2001
From: Maiyannah Bishop <maiyannah.bishop@postactiv.com>
Date: Thu, 1 Sep 2016 17:11:02 -0400
Subject: [PATCH] [API] Security hotfix for source, picked from postActive

---
 actions/apistatusesupdate.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php
index de00325494..7271f8be63 100644
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@@ -166,6 +166,7 @@ class ApiStatusesUpdateAction extends ApiAuthAction
         parent::prepare($args);
 
         $this->status = $this->trimmed('status');
+        $this->source = $this->trimmed('source');
         $this->lat    = $this->trimmed('lat');
         $this->lon    = $this->trimmed('long');
         $matches = array();
@@ -294,6 +295,7 @@ class ApiStatusesUpdateAction extends ApiAuthAction
 
 
             $content = html_entity_decode($status_shortened, ENT_NOQUOTES, 'UTF-8');
+            $source = html_entity_decode($this->source, ENT_NOQUOTES, 'UTF-8');
 
             $options = array('reply_to' => $reply_to);