external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
aurweb/web
History
Lukas Fleischer e2fa5ea6fa login.php: Escape quotes in the referer field 
Replace special characters in the referer GET parameter using
htmlspecialchars() before inserting it into the login form fields to
prevent from XSS attacks.

Fixes FS#55286.

Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2017-11-05 11:28:11 +01:00
..
html login.php: Escape quotes in the referer field 2017-11-05 11:28:11 +01:00
lib Only allow valid HTTP(s) URLs as home page 2017-11-05 08:55:24 +01:00
locale Add dummy "web/locale/" directory. 2011-04-10 15:40:49 +02:00
template Point out that the user name is public when registering 2017-11-05 08:24:51 +01:00