diff options
| author | David Flatz | 2015-02-11 19:20:24 +0100 |
|---|---|---|
| committer | David Flatz | 2015-02-11 19:21:08 +0100 |
| commit | 7da3f6d30e1557baf969885a357b9cb7853ecaaf (patch) | |
| tree | 297297e3ad3bc84fc4c1bd09a5848f39f3677d59 /it_url.class | |
| parent | 63ec357b2f300c48d4c90d7d6209b964c2caa3dd (diff) | |
| download | itools-7da3f6d30e1557baf969885a357b9cb7853ecaaf.tar.gz itools-7da3f6d30e1557baf969885a357b9cb7853ecaaf.tar.bz2 itools-7da3f6d30e1557baf969885a357b9cb7853ecaaf.zip | |
warn about potential redirect loops
Diffstat (limited to 'it_url.class')
| -rw-r--r-- | it_url.class | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/it_url.class b/it_url.class index b9bb17c..02b084e 100644 --- a/it_url.class +++ b/it_url.class @@ -856,6 +856,10 @@ function redirect($url = null, $type = "temporary") it::fatal("Invalid redirect type '$type', must be 'permanent' or 'temporary'"); $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF + + if (U($url) == U(it_url::absolute(U($_GET)))) + it::error('Potential redirect loop detected: ' . $url); + if (EDC('noredir')) { if (!function_exists('a')) new it_html(); |