From 1dc7b19552ac8de3b03ea93db82a55750a58026e Mon Sep 17 00:00:00 2001
From: thisgun <thisgun@naver.com>
Date: Thu, 20 Jul 2017 19:56:43 +0900
Subject: [PATCH] =?UTF-8?q?=EC=98=81=EC=B9=B4=ED=8A=B8=20CSRF=20=EC=B7=A8?=
 =?UTF-8?q?=EC=95=BD=EC=A0=90=20(=2017-00465=20)=20=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mobile/shop/inicis/pay_approval.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/mobile/shop/inicis/pay_approval.php b/mobile/shop/inicis/pay_approval.php
index ea5ebd7f9..11dc43455 100644
--- a/mobile/shop/inicis/pay_approval.php
+++ b/mobile/shop/inicis/pay_approval.php
@@ -45,6 +45,8 @@ if($_REQUEST['P_STATUS'] != '00') {
     // 결과를 배열로 변환
     parse_str($return, $ret);
     $PAY = array_map('trim', $ret);
+    $PAY = array_map('strip_tags', $PAY);
+    $PAY = array_map('get_search_string', $PAY);
 
     if($PAY['P_STATUS'] != '00')
         alert('오류 : '.iconv_utf8($PAY['P_RMESG1']).' 코드 : '.$PAY['P_STATUS'], $page_return_url);