-rw-r--r-- | it_url.class | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/it_url.class b/it_url.class index b9bb17c..02b084e 100644 --- a/it_url.class +++ b/it_url.class @@ -856,6 +856,10 @@ function redirect($url = null, $type = "temporary") it::fatal("Invalid redirect type '$type', must be 'permanent' or 'temporary'"); $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF + + if (U($url) == U(it_url::absolute(U($_GET)))) + it::error('Potential redirect loop detected: ' . $url); + if (EDC('noredir')) { if (!function_exists('a')) new it_html(); |
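Review bot: The added comparison `U($url) == U(it_url::absolute(U($_GET)))` ignores the request method, so a POST handler that redirects back to its own URL (post/redirect/get) would be reported as a loop even though the follow-up GET ends it. Restricting the check to GET requests avoids that false positive, and a strict string comparison is the safer form: `if ($_SERVER['REQUEST_METHOD'] == 'GET' && U($url) === U(it_url::absolute(U($_GET))))`. The branch also only calls `it::error()`; if that reports and returns (its behaviour is not visible here), the redirect is still sent and every pass through the loop raises another report, so a comment stating whether continuing is intended would help. redirect() starts and ends outside this hunk.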