mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-13 20:24:08 +02:00
Code Issues Releases Wiki Activity

Merge branch 'ticket/security-180' into ticket/security-180-asc

Browse Source 
Conflicts:
	tests/security/redirect_test.php
This commit is contained in:
Marc Alexander
2015-04-23 22:23:21 +02:00
committed by Andreas Fischer
parent ec207d0a71 18fc621d73
commit 416728fc17
2 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
phpBB/includes/functions.php
View File

@@ -2309,7 +2309,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
// Attention: only able to redirect within the same domain if $disable_cd_check is false (yourdomain.com -> www.yourdomain.com will not work)
if (!$disable_cd_check && $url_parts['host'] !== $user->host)
{
$url = generate_board_url();
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
}
}
else if ($url[0] == '/')