From 3f80555170d11f7c8f6f976e07f65ca9af55118b Mon Sep 17 00:00:00 2001
From: Urban Müller
Date: Mon, 1 Nov 2021 15:44:42 +0100
Subject: avoid false positives when U() removes args without value
---
 it_url.class | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/it_url.class b/it_url.class
index 6a0b126..540fd46 100644
--- a/it_url.class
+++ b/it_url.class
@@ -830,7 +830,7 @@ static function redirect($url = null, $type = "temporary")
 $url = preg_replace("/[\r\n].*/", '', it_url::absolute($url)); # Security: cut after CR/LF
- if (!$_POST && $url == it_url::absolute(U($_GET)))
+ if (!$_POST && $url == it_url::absolute($_SERVER['REQUEST_URI']))
 it::error("redirect to self: $url");
 if (EDC('noredir'))
--
cgit v1.2.3
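Review bot: The self-redirect check in `redirect()` now compares `$url` with the raw, client-supplied `$_SERVER['REQUEST_URI']`, so it presumably fires only when the two strings match exactly after `it_url::absolute()`; a target that names the same page with different percent-encoding or parameter order would then pass unnoticed and could still loop. That is a reasonable trade-off for a diagnostic, but the condition should say so, e.g. `# raw REQUEST_URI on purpose: U($_GET) drops valueless args; differently encoded self-redirects are not detected`. The comparison also uses `==`; `===` keeps it a plain string comparison with no numeric-string juggling. `$_SERVER['REQUEST_URI']` is read unguarded, so confirm that `redirect()` is never reached outside a web request, where the key may be missing. The body of `redirect()` starts and ends outside the hunk.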