LEMONLDAP::NG : don't test url if direct access to portal

2008-12-27 11:00:45 +00:00 · 2008-12-27 11:00:45 +00:00 · 985bdc2509
commit 985bdc2509
parent 228288d43c
1 changed files with 1 additions and 0 deletions
--- a/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
+++ b/modules/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Simple.pm
@ -373,6 +373,7 @@ sub notification {
 # check url against XSS attacks
 sub get_url {
    my ($self) = @_;
+    return unless $self->param('url');
    return if ( $self->param('url') =~ m#[^A-Za-z0-9\+/=]# );
    return $self->param('url');
 }