Ignore:
Timestamp:
Apr 29, 2010, 12:44:30 PM (14 years ago)
Author:
plg
Message:

bug 1484: prevent XSS vulnerability, encode url.

improvement: no need to transmit the REQUEST_URI from PHP, Smarty already
knows it.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/themes/default/template/identification.tpl

    r5559 r5990  
    2222    <legend>{'Connection settings'|@translate}</legend>
    2323
    24     <input type="hidden" name="redirect" value="{$U_REDIRECT}">
     24    <input type="hidden" name="redirect" value="{$U_REDIRECT|urlencode}">
    2525
    2626    <ul>
Note: See TracChangeset for help on using the changeset viewer.