From f5a2d7b40d304b6d68f7cf33b3a525b59c7d2869 Mon Sep 17 00:00:00 2001
From: jangliss
Date: Fri, 3 Mar 2006 03:39:18 +0000
Subject: [PATCH] - Security: Possible cookie theft in src/redirect.php if register_globals is enabled, and malicous site is running in same domain.
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@10851 7612ce4b-ef26-0410-bec9-ea0150e637f0
---
 ChangeLog | 3 +++
 functions/strings.php | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index f8825386..3b18f233 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,9 @@ Version 1.5.2 - CVS
 - Fixed View as HTML link so it doesn't forget it was part of a seach result.
 - Don't use delimiter in IMAP subscription command, when noselect folder is created.
+ - Security: Possible cookie theft in src/redirect.php if
+ register_globals is enabled, and malicous site is running
+ in same domain.
 Version 1.5.1 (branched on 2006-02-12)
diff --git a/functions/strings.php b/functions/strings.php
index a830024f..613f342c 100644
--- a/functions/strings.php
+++ b/functions/strings.php
@@ -497,7 +497,7 @@ function sqm_baseuri(){
 /**
 * If it is in the session, just return it.
 */
- if (isset($base_uri)){
+ if (sqgetGlobalVar('base_uri',$base_uri,SQ_SESSION)){
 return $base_uri;
 }
 $dirs = array('|src/.*|', '|plugins/.*|', '|functions/.*|');
-- 
2.25.1
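Review bot: The docblock kept above the new `sqgetGlobalVar('base_uri',$base_uri,SQ_SESSION)` check in sqm_baseuri() still reads only "If it is in the session, just return it" and does not say why the lookup is limited to the session, so a later cleanup could put `isset($base_uri)` back. I would extend it with a line such as `* Read from the session only: with register_globals on, a request could otherwise populate $base_uri.` The start of sqm_baseuri() and the code after the `$dirs` line are outside the hunk, so it is not visible whether `$base_uri` is still declared global there. If it is, and if sqgetGlobalVar() leaves its second argument untouched on a miss, it is worth confirming that the fall-through path always assigns `$base_uri` before returning it.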