
Contents of /rpms/phpki/contribs10/phpki-0.82-potential_xss_php_self.patch



Revision 1.1
Tue Nov 24 14:35:57 2020 UTC (3 years, 5 months ago) by brianr
Branch: MAIN
CVS Tags: phpki-0_82-24_el7_sme, HEAD
Initial import

1 diff -Nur phpki/phpki-0.82/include/common.php phpki_bz10626/phpki-0.82/include/common.php
2 --- phpki/phpki-0.82/include/common.php 2018-10-08 09:20:21.526025640 +0200
3 +++ phpki_bz10626/phpki-0.82/include/common.php 2018-10-08 09:22:31.486656132 +0200
4 @@ -7,8 +7,7 @@
5 else
6 $PHPki_user = md5('default');
7
8 -$PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
9 -
10 +$PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES, "utf-8");
11
12 function printHeader($withmenu="default") {
13 global $config;
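
Review bot: The added `$PHP_SELF = htmlspecialchars(...)` line in include/common.php encodes the value once at assignment, so every later use of `$PHP_SELF` receives the HTML-encoded form, including any use outside HTML output such as a redirect header or a string comparison (none is visible in this hunk, so this needs checking against the callers). Consider keeping the raw value and calling `htmlspecialchars()` at each point where it is written into markup, or assigning from `$_SERVER['SCRIPT_NAME']`, which omits the client-supplied path-info suffix that makes `PHP_SELF` unsafe to echo in the first place. The `"utf-8"` argument should also match the charset the pages are actually served with, which these lines do not show.
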
14 diff -Nur phpki/phpki-0.82/include/my_functions.php phpki_bz10626/phpki-0.82/include/my_functions.php
15 --- phpki/phpki-0.82/include/my_functions.php 2018-10-08 09:20:21.576025882 +0200
16 +++ phpki_bz10626/phpki-0.82/include/my_functions.php 2018-10-08 09:22:39.688695907 +0200
17 @@ -1,6 +1,6 @@
18 <?php
19
20 -$PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
21 +$PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES, "utf-8");
22
23 #
24 # Returns TRUE if browser is Internet Explorer.
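
Review bot: The replacement line at the top of include/my_functions.php is a verbatim copy of the one in include/common.php, so the escaping now has to be kept in sync in two files; define the escaped value in one place and have the other file reuse it. The line also still reads `$HTTP_SERVER_VARS`, which PHP removed in 5.4, so unless that array is populated elsewhere (not shown here) `$PHP_SELF` ends up empty on current PHP; `$_SERVER['PHP_SELF']` is the supported name. A one-line comment stating that `$PHP_SELF` is already HTML-encoded would keep a later caller from encoding it a second time.
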
