Reflected XSS 취약점(16-036) 수정
This commit is contained in:
chicpro
@ -33,6 +33,8 @@ $msg2 = str_replace("\\n", "<br>", $msg);
|
|||||||
$url = clean_xss_tags($url);
|
$url = clean_xss_tags($url);
|
||||||
if (!$url) $url = clean_xss_tags($_SERVER['HTTP_REFERER']);
|
if (!$url) $url = clean_xss_tags($_SERVER['HTTP_REFERER']);
|
||||||
|
|
||||||
|
$url = preg_replace("/[\<\>\'\"\\\'\\\"\(\)]/", "", $url);
|
||||||
|
|
||||||
// url 체크
|
// url 체크
|
||||||
check_url_host($url);
|
check_url_host($url);
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user