diff options
author | Michal Čihař <mcihar@novell.com> | 2011-05-20 11:01:20 +0400 |
---|---|---|
committer | Michal Čihař <mcihar@novell.com> | 2011-05-20 11:01:20 +0400 |
commit | ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d (patch) | |
tree | 2f7836f26a467f315dbcd9fbce43738382b4e3e6 /url.php | |
parent | 32d8446e01d5097599e89cb78ade338f03e82a1d (diff) |
Make redirector require valid token
Diffstat (limited to 'url.php')
-rw-r--r-- | url.php | 6 |
1 files changed, 2 insertions, 4 deletions
@@ -3,16 +3,14 @@ * URL redirector to avoid leaking Referer with some sensitive information. */ -define('PMA_MINIMUM_COMMON', TRUE); - /** * Gets core libraries and defines some variables */ require_once './libraries/common.inc.php'; -if (empty($GLOBALS['url']) || ! preg_match('/^https?:\/\/[^\n\r]*$/', $GLOBALS['url'])) { +if (! PMA_isValid($_GET['url']) || ! preg_match('/^https?:\/\/[^\n\r]*$/', $_GET['url'])) { header('Location: ' . $cfg['PmaAbsoluteUri']); } else { - header('Location: ' . $GLOBALS['url']); + header('Location: ' . $_GET['url']); } ?> |