diff options
Diffstat (limited to 'globals.pl')
-rw-r--r-- | globals.pl | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/globals.pl b/globals.pl index 64031bc85..a6a751562 100644 --- a/globals.pl +++ b/globals.pl @@ -1637,6 +1637,8 @@ sub GetFormat { # Security - allow letters and a hyphen only $ctype =~ s/[^a-zA-Z\-]//g; $format =~ s/[^a-zA-Z\-]//g; + trick_taint($ctype); + trick_taint($format); $template .= ($format ? "-$format" : ""); $template .= ".$ctype.tmpl"; |