diff options
| -rw-r--r-- | it_url.class | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/it_url.class b/it_url.class index f37bf97..6a0b126 100644 --- a/it_url.class +++ b/it_url.class @@ -830,6 +830,9 @@ static function redirect($url = null, $type = "temporary") $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF + if (!$_POST && $url == it_url::absolute(U($_GET))) + it::error("redirect to self: $url"); + if (EDC('noredir')) { if (!function_exists('a')) |