diff options
Diffstat (limited to 'github.cgi')
| -rwxr-xr-x | github.cgi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/github.cgi b/github.cgi index acb02d466..b8467e1e0 100755 --- a/github.cgi +++ b/github.cgi @@ -44,7 +44,7 @@ if (lc($cgi->request_method) eq 'post') { unless $target_uri =~ /^\Q$urlbase\E/; ThrowCodeError("github_insecure_referer", { target_uri => $target_uri }) - if $cgi->referer && $cgi->referer =~ /(reset_password\.cgi|token\.cgi|t=|token=|api_key=)/; + if $cgi->referer && $cgi->referer =~ /(?:reset_password\.cgi|token\.cgi|\bt=|token=|api_key=)/; if ($user->id) { print $cgi->redirect($target_uri); |