firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

XSS 취약점 수정

Browse Source
This commit is contained in:
chicpro
2015-07-14 12:01:21 +09:00
parent aa140eb846
commit f74e8f7250
9 changed files with 20 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
bbs/alert.php
View File

@ -30,7 +30,8 @@ include_once(G5_PATH.'/head.sub.php');
$msg2 = str_replace("\\n", "<br>", $msg);
if (!$url) $url = $_SERVER['HTTP_REFERER'];
$url = clean_xss_tags($url);
if (!$url) $url = clean_xss_tags($_SERVER['HTTP_REFERER']);
// url 체크
check_url_host($url);