Diffstat (limited to 'web')
-rw-r--r-- | web/html/login.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/web/html/login.php b/web/html/login.php
index a55ce057..df517055 100644
--- a/web/html/login.php
+++ b/web/html/login.php
@@ -41,7 +41,7 @@ html_header('AUR ' . __("Login"));
 <input type="submit" class="button" value="<?php print __("Login"); ?>" />
 <a href="<?= get_uri('/passreset/') ?>">[<?= __('Forgot Password') ?>]</a>
 <?php if (in_request('referer') !== ""): ?>
- <input id="id_referer" type="hidden" name="referer" value="<?= in_request('referer') ?>" />
+ <input id="id_referer" type="hidden" name="referer" value="<?= htmlspecialchars(in_request('referer'), ENT_QUOTES) ?>" />
 <?php elseif (isset($_SERVER['HTTP_REFERER'])): ?>
 <input id="id_referer" type="hidden" name="referer" value="<?= htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES) ?>" />
 <?php endif; ?> |
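Review bot: The `referer` value written into the hidden field on the changed line is now safe for the HTML attribute, but it is still entirely client-controlled, and escaping does nothing to constrain where it points. The code that consumes the posted `referer` after login is outside this hunk; if it redirects to that value, it should first check that the target is a same-site URL, otherwise the field is an open-redirect vector. I would record that next to the field, for example `<?php /* referer is user-supplied: escaped for HTML here, must still be validated as a same-site URL before any redirect */ ?>`. Both `htmlspecialchars()` calls also rely on the default charset; passing it explicitly, `htmlspecialchars(in_request('referer'), ENT_QUOTES, 'UTF-8')`, keeps the escaping independent of PHP version and ini settings. The surrounding form starts and ends outside the hunk.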