removed XSS hole caused by "urldecode"

moodle · Sep 20, 2005 · 7fc7e96 · 7fc7e96
1 parent d27162c
commit 7fc7e96
Showing 1 changed file with 0 additions and 3 deletions.
diff --git a/mod/hotpot/show.php b/mod/hotpot/show.php
@@ -18,9 +18,6 @@
 		error("You are not allowed to view this page!");
 	}
 
-	// decode the reference (not usually necessary)
-	$params->reference = urldecode($params->reference);
-
 	if (isadmin()) {
 		$params->location = optional_param('location', HOTPOT_LOCATION_COURSEFILES);
 	} else {