harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

query filter was a bit greedy

Browse Source 
(cherry picked from commit a05c8ff66b)
This commit is contained in:
zotlabs
2018-07-18 17:48:23 -07:00
committed by Mario
parent 685d05f98b
commit 67848c03ed
3 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
boot.php
View File

@@ -874,11 +874,12 @@ class App {
}
if((x($_SERVER,'QUERY_STRING')) && substr($_SERVER['QUERY_STRING'], 0, 2) === "q=") {
self::$query_string = escape_tags(substr($_SERVER['QUERY_STRING'], 2));
self::$query_string = str_replace(['<','>'],['&lt;','&gt;'],substr($_SERVER['QUERY_STRING'], 2);
// removing trailing / - maybe a nginx problem
if (substr(self::$query_string, 0, 1) == "/")
self::$query_string = substr(self::$query_string, 1);
}
if(x($_GET,'q'))
self::$cmd = escape_tags(trim($_GET['q'],'/\\'));