diff options
author | matt <matt@59fd770c-687e-43c8-a1e3-f5a4ff64c105> | 2009-03-25 09:57:03 +0300 |
---|---|---|
committer | matt <matt@59fd770c-687e-43c8-a1e3-f5a4ff64c105> | 2009-03-25 09:57:03 +0300 |
commit | eb7b288c7a2acd11a9c2f8645f3e4a4692e7012b (patch) | |
tree | 2f8fe1db0d354134feb26cc423a9486bebfb69b4 /core/Tracker/Generator.php | |
parent | 82e5ad5eb4d2dbcf2e8c5dd0b3aabf01f978cf92 (diff) |
- in all piwik, we now don't read from _REQUEST as it includes _COOKIE. We instead read data from union of _GET and _POST
- clarified how to test piwik for xss referer injection
Diffstat (limited to 'core/Tracker/Generator.php')
-rw-r--r-- | core/Tracker/Generator.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/core/Tracker/Generator.php b/core/Tracker/Generator.php index ea1178123f..c52b1d904f 100644 --- a/core/Tracker/Generator.php +++ b/core/Tracker/Generator.php @@ -112,7 +112,7 @@ class Piwik_Tracker_Generator */ public function __construct() { - $_COOKIE = $_GET = $_REQUEST = $_POST = array(); + $_COOKIE = $_GET = $_POST = array(); // init GET and REQUEST to the empty array $this->setFakeRequest(); @@ -582,7 +582,7 @@ class Piwik_Tracker_Generator */ protected function setFakeRequest() { - $_REQUEST = $_GET = $this->currentget; + $_GET = $this->currentget; } /** |