From cff801de3dc850209199c15a24f82049b29653b9 Mon Sep 17 00:00:00 2001
From: Christian Schneider
Date: Wed, 18 Nov 2009 16:17:06 +0000
Subject: Protect from Firewalls/Proxies altering Javascript source code

---
 itjs.php     | 2 +-
 itjs/boot.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/itjs.php b/itjs.php
index 5c7152b..52f06d7 100644
--- a/itjs.php
+++ b/itjs.php
@@ -70,7 +70,7 @@ if ($checksum != $_SERVER['HTTP_IF_NONE_MATCH'])
 	if ($_REQUEST['boot'])
 	{
 		$data .= "window.it_boot_init();\n";
-		$data = sprintf("/*sln:%d*/\n%s/*eln:%d*/", strlen($data), $data, strlen($data));
+		$data = sprintf("/*sln:%d*/\n%s/*eln:%d*/", strlen($data), strtr($data, '%' => "%25", '.' => "%2e", 'e' => "%65", 'i' => "%69"), strlen($data));	# Protect from Firewalls/Proxies altering Javascript source code
 	}
 
 	echo it_untaint($data);
diff --git a/itjs/boot.js b/itjs/boot.js
index 6ee8845..50e7a26 100644
--- a/itjs/boot.js
+++ b/itjs/boot.js
@@ -198,7 +198,7 @@ function it_boot(file, isretry)
 				{
 					// check length cookie
 					var ln = String(loader.responseText).match(/\*sln:([0-9]+)[^\n]*\n([\s\S]*\n)\/\*eln:\1/);
-					code = ln ? ln[2] : loader.responseText;
+					code = ln ? unescape(ln[2]) : loader.responseText;
 					if (ln && ln[1]-0 == code.length)
 					{
 						it_boot.sequence += "e";
-- 
cgit v1.2.3