Commit e2fa5ea6 authored by Lukas Fleischer's avatar Lukas Fleischer
Browse files

login.php: Escape quotes in the referer field



Replace special characters in the referer GET parameter using
htmlspecialchars() before inserting it into the login form fields to
prevent from XSS attacks.

Fixes FS#55286.

Signed-off-by: Lukas Fleischer's avatarLukas Fleischer <lfleischer@archlinux.org>
parent 4efba18f
......@@ -41,7 +41,7 @@ html_header('AUR ' . __("Login"));
<input type="submit" class="button" value="<?php print __("Login"); ?>" />
<a href="<?= get_uri('/passreset/') ?>">[<?= __('Forgot Password') ?>]</a>
<?php if (in_request('referer') !== ""): ?>
<input id="id_referer" type="hidden" name="referer" value="<?= in_request('referer') ?>" />
<input id="id_referer" type="hidden" name="referer" value="<?= htmlspecialchars(in_request('referer'), ENT_QUOTES) ?>" />
<?php elseif (isset($_SERVER['HTTP_REFERER'])): ?>
<input id="id_referer" type="hidden" name="referer" value="<?= htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES) ?>" />
<?php endif; ?>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment