crtxcr
/
cgitsb
1
0
複製 0
程式碼 問題管理 合併請求 版本發佈 Wiki Activity

ui-shared: Avoid new line injection into redirect header

This commit is contained in:
Jason A. Donenfeld 2016-01-14 14:13:39 +01:00
父節點 4c69241b05
當前提交 4291453ec3
共有 1 個文件被更改,包括 3 次插入1 次删除
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ui-shared.c
查看文件

@ -709,7 +709,9 @@ void cgit_print_http_headers(void)
void cgit_redirect(const char *url, bool permanent)
{
htmlf("Status: %d %s\n", permanent ? 301 : 302, permanent ? "Moved" : "Found");
htmlf("Location: %s\n\n", url);
html("Location: ");
html_url_path(url);
html("\n\n");
exit(0);
}