Commit

Improvements in URL redirector
- do not concatenate message to allow better translation
- avoid possible XSS
nijel committed Feb 11, 2014
1 parent 935c2e1 commit 5e9cf18
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions url.php
Expand Up @@ -25,11 +25,11 @@
// external site.
echo "<script type='text/javascript'>
window.onload=function(){
window.location='" . $_GET['url'] . "';
window.location='" . htmlspecialchars($_GET['url']) . "';
}
</script>";
// Display redirecting msg on screen.
echo __('Taking you to ') . ($_GET['url']);
printf(__('Taking you to %s.'), htmlspecialchars($_GET['url']));
} else {
header('Location: ' . $cfg['PmaAbsoluteUri']);
}
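Review bot: On the window.location line inside the script block, htmlspecialchars($_GET['url']) is the wrong encoder for a value placed in a single-quoted JavaScript string. Called without flags it uses ENT_COMPAT on the PHP versions current for this commit, so a single quote passes through unescaped and still ends the string literal in window.location='...'; backslashes and line breaks are not handled either. Browsers also do not decode HTML entities inside a script element, so a legitimate URL containing & reaches window.location as &amp; and the redirect target changes. Suggest emitting the value as a JavaScript literal instead, for example json_encode($_GET['url'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) in place of the hand-written quotes, and checking that the URL scheme is http or https before it is written out, if the code above this hunk does not already do so. The printf() change is correct for the HTML text context and the placeholder helps translators; passing ENT_QUOTES and the charset explicitly there would make it independent of PHP defaults.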