Append URL test (#1532)
This commit is contained in:
parent
badc7a0cad
commit
52a7f884f6
|
@ -204,7 +204,9 @@ sub _buildAuthLoop {
|
|||
# Default URL
|
||||
if ( defined $url
|
||||
and not $self->checkXSSAttack( 'URI',
|
||||
$req->env->{'REQUEST_URI'} ) )
|
||||
$req->env->{'REQUEST_URI'} )
|
||||
and $url =~ m%^(https?://)?[^\s/$.?#].[^\s]*$%
|
||||
)
|
||||
{
|
||||
$url .= $req->env->{'REQUEST_URI'};
|
||||
$req->{cspFormAction} .= " $url";
|
||||
|
|
Loading…
Reference in New Issue
Block a user