firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 수정 16-480

Browse Source
This commit is contained in:
chicpro
2016-07-15 09:25:39 +09:00
parent b5592b8466
commit a79def43c5
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
common.php
View File

@ -39,6 +39,7 @@ function g5_path()
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']; $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];
if(isset($_SERVER['HTTP_HOST']) && preg_match('/:[0-9]+$/', $host)) if(isset($_SERVER['HTTP_HOST']) && preg_match('/:[0-9]+$/', $host))
$host = preg_replace('/:[0-9]+$/', '', $host); $host = preg_replace('/:[0-9]+$/', '', $host);
$host = preg_replace("/[\<\>\'\"\\\'\\\"\%\=\(\)\/\^\*]/", '', $host);
$result['url'] = $http.$host.$port.$user.$root; $result['url'] = $http.$host.$port.$user.$root;
return $result; return $result;
} }