LEMONLDAP::NG : don't test url if direct access to portal
This commit is contained in:
parent
228288d43c
commit
985bdc2509
|
@ -373,6 +373,7 @@ sub notification {
|
|||
# check url against XSS attacks
|
||||
sub get_url {
|
||||
my ($self) = @_;
|
||||
return unless $self->param('url');
|
||||
return if ( $self->param('url') =~ m#[^A-Za-z0-9\+/=]# );
|
||||
return $self->param('url');
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user