Changeset 60729 in spip-zone


Ignore:
Timestamp:
Apr 28, 2012, 7:50:35 AM (9 years ago)
Author:
fil@…
Message:

parer le xss de referer http://zone.spip.org/trac/spip-zone/changeset/60432 - version 1.1.0

File:
1 edited

Legend:

Unmodified
Added
Removed
  • _core_/securite/ecran_securite.php

    r60565 r60729  
    66 */
    77
    8 define('_ECRAN_SECURITE', '1.0.10'); // 17 avril  2012
     8define('_ECRAN_SECURITE', '1.1.0'); // 28 avril  2012
    99
    1010/*
     
    216216        $ecran_securite_raison = 'reinstall=oui';
    217217
     218/* echappement xss referer */
     219if (isset($_SERVER['HTTP_REFERER']))
     220        $_SERVER['HTTP_REFERER'] = strtr($_SERVER['HTTP_REFERER'], '<>"\'', '[]##');
    218221
    219222/*
Note: See TracChangeset for help on using the changeset viewer.