diff options
author | Documentopia.com <coding@documentopia.com> | 2014-05-06 22:26:26 +0200 |
---|---|---|
committer | Documentopia.com <coding@documentopia.com> | 2014-05-06 22:26:26 +0200 |
commit | 945784173ea4dba58da528bebc53b3a24b82928f (patch) | |
tree | e06c394402a625750b332555165d1e081c026c2d /system/.htaccess | |
parent | 4e4f2f596700e6892b31b8b6ce987b2511a3cd98 (diff) |
xss_clean is not protecting GET requests that &item=/startwithslash
/webacd.do?isurlact=true&entactname=/webacd.do
becomes
/webacd.do?isurlact=true&entactname;=/webacd.do
This commit adds / to the regex to it will escape those GET requests
related to issue #3030
Diffstat (limited to 'system/.htaccess')
0 files changed, 0 insertions, 0 deletions