mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2024-09-19 19:22:14 +02:00
escape provided url better (fix XSS vuln) - thanks to Flippo Cavallarin for reporting this
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/branches/postfixadmin-2.3@1322 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
parent
9fb0f040c9
commit
5c4d9e48bd
@ -2,8 +2,7 @@
|
||||
<script type="text/javascript">
|
||||
function newLocation()
|
||||
{
|
||||
window.location="<?php print $fCanceltarget; ?>"
|
||||
|
||||
window.location= "<?php echo urlencode($fCanceltarget); ?>"
|
||||
}
|
||||
</script>
|
||||
<div id="edit_form">
|
||||
|
Loading…
Reference in New Issue
Block a user