avoid HTTP Response Splitting attacks via redirects #1513 - dokuwiki - The DokuWiki Open Source Wiki Engine

index : dokuwiki

The DokuWiki Open Source Wiki Engine

Aslak Raanes

about summary refs log tree commit diff stats homepage

path: root/lib/scripts/jquery/jquery-migrate.min.js

diff options

author	Andreas Gohr <andi@splitbrain.org>	2016-03-31 18:16:37 +0200
committer	Andreas Gohr <andi@splitbrain.org>	2016-03-31 18:23:05 +0200
commit	98ca30d292f2cc203a5251719e06d1a9f2bdf4b4 (patch)
tree	c99a585fcfb412822b0072aefc0e673935a4e501 /lib/scripts/jquery/jquery-migrate.min.js
parent	89b96b7aa04a458fb2f69fd61be8cc7ddf033538 (diff)
download	dokuwiki-98ca30d292f2cc203a5251719e06d1a9f2bdf4b4.tar.gz dokuwiki-98ca30d292f2cc203a5251719e06d1a9f2bdf4b4.zip

avoid HTTP Response Splitting attacks via redirects #1513

The header() method of PHP is vulnerable to HTTP Response Splitting attacks. This change makes sure the URL passed to send_redirect (and thus to header()) does not contain any control characters that would be needed to execute such an attack. Cleaning input is recommended anyway.

Diffstat (limited to 'lib/scripts/jquery/jquery-migrate.min.js')

0 files changed, 0 insertions, 0 deletions