Reflected XSS 취약점(16-036) 수정
This commit is contained in:
chicpro
@ -33,6 +33,8 @@ $msg2 = str_replace("\\n", "<br>", $msg);
|
||||
$url = clean_xss_tags($url);
|
||||
if (!$url) $url = clean_xss_tags($_SERVER['HTTP_REFERER']);
|
||||
|
||||
$url = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", $url);
|
||||
|
||||
// url 체크
|
||||
check_url_host($url);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user