From 9700dfd057fe8267b4359d5497b56f0c2c8aa6bb Mon Sep 17 00:00:00 2001
From: "justdave%syndicomm.com" <>
Date: Thu, 16 Aug 2001 13:52:55 +0000
Subject: Fix for bug 95535: the token generator for password resets is
 allowing the & character to be used for tokens, but wasn't escaping them for
 the URL it emailed to users to use to get in to reset their password. Patch
 by Dave Miller <justdave@syndicomm.com> r= myk@mozilla.org

---
 Token.pm | 1 +
 1 file changed, 1 insertion(+)

(limited to 'Token.pm')

diff --git a/Token.pm b/Token.pm
index cde97f87e..2d5dad2a3 100644
--- a/Token.pm
+++ b/Token.pm
@@ -100,6 +100,7 @@ sub MailPasswordToken {
 
     my $urlbase = &::Param("urlbase");
     my $emailsuffix = &::Param('emailsuffix');
+    $token = &::url_quote($token);
 
     open SENDMAIL, "|/usr/lib/sendmail -t";
 
-- 
cgit v1.2.3-24-g4f1b