Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed XSS vulnerability where filename could contain abitrary code to…
… execute on the client side.
  • Loading branch information
kaecyra committed Sep 27, 2010
1 parent a2059ac commit 4535a05
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
Expand Up @@ -279,7 +279,7 @@ public function Handshake($AuthenticationSchemeAlias = 'default') {

// This resets vanilla's internal "where am I" to the homepage. Needed.
Gdn::Request()->WithRoute('DefaultController');
$this->SelfUrl = Gdn::Request()->Path();
$this->SelfUrl = Url('');//Gdn::Request()->Path();

$this->View = 'syncfailed';
$this->ProviderSite = $Authenticator->GetProviderUrl();
Expand Down
2 changes: 1 addition & 1 deletion library/core/class.dispatcher.php
Expand Up @@ -359,7 +359,7 @@ protected function _AnalyzeRequest(&$Request, $FolderDepth = 1) {
$this->_ControllerName = '';
$this->_ControllerMethod = 'index';
$this->_ControllerMethodArgs = array();
$this->Request = $Request->Path();
$this->Request = Url('');//$Request->Path();

$PathAndQuery = $Request->PathAndQuery();
$MatchRoute = Gdn::Router()->MatchRoute($PathAndQuery);
Expand Down

0 comments on commit 4535a05

Please sign in to comment.