www/adium.im 656:c0246ed2467a: Prevent this parameter to be used...
commits at adium.im
commits at adium.im
Sun Apr 29 10:59:22 UTC 2012
details: http://hg.adium.im/www/adium.im/rev/c0246ed2467a
revision: 656:c0246ed2467a
branch: adiumx.com
author: Thijs Alkemade <thijsalkemade at gmail.com>
date: Sun Apr 29 12:59:10 2012 +0200
Prevent this parameter to be used with XSS.
diffs (12 lines):
diff -r 6abcf455ae98 -r c0246ed2467a index.php
--- a/index.php Sun Apr 29 12:26:55 2012 +0200
+++ b/index.php Sun Apr 29 12:59:10 2012 +0200
@@ -77,7 +77,7 @@
}
}
- if ($_GET['forceOS'])
+ if ($_GET['forceOS'] && array_key_exists($_GET['forceOS'], $downloadLink))
$operatingSystem = $_GET['forceOS'];
if ($_GET['download'] && $_GET['redirect'] == "301") {
More information about the commits
mailing list