REQUEST_URI is used in php_self(), so make sure it's sanitized too
authorpdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Wed, 27 Jan 2010 23:05:18 +0000 (23:05 +0000)
committerpdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Wed, 27 Jan 2010 23:05:18 +0000 (23:05 +0000)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13895 7612ce4b-ef26-0410-bec9-ea0150e637f0

include/init.php

index 6104a99..28f7b45 100644 (file)
@@ -276,6 +276,7 @@ if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
  * QUERY_STRING also needs the same treatment since it is
  * used in php_self().
  */
+$_SERVER['REQUEST_URI'] = htmlspecialchars($_SERVER['REQUEST_URI']);
 $_SERVER['PHP_SELF'] = htmlspecialchars($_SERVER['PHP_SELF']);
 $_SERVER['QUERY_STRING'] = htmlspecialchars($_SERVER['QUERY_STRING']);
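Review bot: The added `htmlspecialchars($_SERVER['REQUEST_URI'])` call passes no flags argument, so on PHP versions before 8.1 single quotes stay unescaped, and it reads the key unconditionally although not every server API sets REQUEST_URI. A value that php_self() (not visible in this hunk) later places inside a single-quoted attribute would still not be neutralised, and on servers without the key the line raises a notice and defines it as an empty string, which may change any isset-based fallback downstream. I would write `if (isset($_SERVER['REQUEST_URI'])) { $_SERVER['REQUEST_URI'] = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES); }`; the same flag would suit the PHP_SELF and QUERY_STRING lines below it. Because the superglobal now holds HTML-encoded text, any non-HTML consumer such as a redirect header needs to decode it or read the raw value first. The comment block, which opens above the hunk, names only QUERY_STRING and should mention REQUEST_URI as well.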