Merge pull request #111 from mjrider/url-untaint

untaint url parameters when generating an url
Ariadne-CMS · May 13, 2016 · 279e03c · 279e03c
2 parents 60ba61e + 63a5a17
commit 279e03c
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/lib/ar/url.php b/lib/ar/url.php
@@ -54,7 +54,11 @@ public function __set($var, $value) {
 		}
 
 		public function __toString() {
-			return (string)$this->url;
+			$query = (array)$this->url->query;
+			$url   = clone($this->url);
+			ar::untaint($query, FILTER_UNSAFE_RAW);
+			$url->query->import($query);
+			return (string)$url;
 		}
 
 		public function getvar( $name ) {
@@ -118,7 +122,11 @@ public function putvar( $name, $value ) {
 		}
 
 		public function __toString() {
-			return (string)$this->query;
+			$q = clone $this->query;
+			$qa = (array)$q;
+			ar::untaint($qa, FILTER_UNSAFE_RAW);
+			$q->import($qa);
+			return (string)$q;
 		}
 
 		public function import( $values ) {