| author | Christian Schneider | 2007-11-10 18:18:21 +0000 |
|---|---|---|
| committer | Christian Schneider | 2007-11-10 18:18:21 +0000 |
| commit | 943742dad742cad540d30e7723de1eef43b713fc (patch) | |
| tree | e9b3c67ca7c623558ece2dd9b4e1f5efe310cba7 | |
| parent | 91b7f11c1802f5fc20656c43d8912722b5f2f46a (diff) | |
Untaint url after sanitizing it
| -rw-r--r-- | it_url.class | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/it_url.class b/it_url.class
index 5e29905..f92f4bb 100644
--- a/it_url.class
+++ b/it_url.class
@@ -539,7 +539,10 @@ function redirect($url = null)
if (EDC('noredir'))
echo "<a href='" . htmlspecialchars(it_url::absolute($url)) . "'>" . htmlspecialchars($url) . "</a><br />";
else
- header('Location: '.preg_replace("/[\r\n].*/", '', it_url::absolute($url))); # Security: cut after CR/LF
+ {
+ $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF
+ header('Location: ' . it_untaint($url, TC_SELF));
+ }
exit;
}
|
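Review bot: The new `$url = preg_replace(...)` line has no failure path: `preg_replace` returns `null` on a PCRE error (e.g. backtrack limit), and that `null` would then be handed to `it_untaint($url, TC_SELF)` and emitted as an empty `Location:` header rather than aborting the redirect. A check such as `if ($url === null) { trigger_error('redirect: sanitizing url failed', E_USER_ERROR); }` between the two added lines keeps the untainted value a real, CR/LF-free string; what `it_untaint` does with `null` is not visible here and should be confirmed. The moved `# Security: cut after CR/LF` comment should also state the reason the untaint is acceptable, since that is the contract the next reader needs, e.g. `# Untaint only covers header(): the CR/LF cut above is what makes the value safe there`. The opening of `redirect()` lies outside the hunk; only the `if`/`else`/`exit` tail is visible.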