fix: 0008180: Potential URL redirection flaw in login.php

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@4463 f5dc347c-c33d-0410-90a0-b07cc1902cb9
mantisbt · Jul 22, 2007 · 6fe5014 · 6fe5014
1 parent de9bdd1
commit 6fe5014
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/login.php b/login.php
@@ -6,7 +6,7 @@
 	# See the README and LICENSE files for details
 
 	# --------------------------------------------------------
-	# $Id: login.php,v 1.37 2007-03-03 14:54:15 prichards Exp $
+	# $Id: login.php,v 1.38 2007-07-22 10:16:08 prichards Exp $
 	# --------------------------------------------------------
 ?>
 <?php
@@ -41,9 +41,9 @@
 	}
 
 	if ( auth_attempt_login( $f_username, $f_password, $f_perm_login ) ) {
-		$t_redirect_url = 'login_cookie_test.php?return=' . urlencode( $f_return );
+		$t_redirect_url = 'login_cookie_test.php?return=' . string_sanitize_url( $f_return );
 	} else {
-		$t_redirect_url = 'login_page.php?return=' . urlencode( $f_return ) . '&error=1';
+		$t_redirect_url = 'login_page.php?return=' . string_sanitize_url( $f_return ) . '&error=1';
 
 		if ( HTTP_AUTH == config_get( 'login_method' ) ) {
 			auth_http_prompt();