Knah-Tsaeb/MyShaarli
Knah-Tsaeb/MyShaarli
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Use generateLocation to set the redirection in login (and don't escape the url)

Browse source
This commit is contained in:
ArthurHoaro 2016-03-21 19:06:46 +01:00
parent 890afc32f7
commit e15f08d72a
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
index.php
View file

@ -483,7 +483,7 @@ function ban_canLogin()
if (isset($_POST['returnurl'])) { if (isset($_POST['returnurl'])) {
// Prevent loops over login screen. // Prevent loops over login screen.
if (strpos($_POST['returnurl'], 'do=login') === false) { if (strpos($_POST['returnurl'], 'do=login') === false) {
header('Location: '. escape($_POST['returnurl'])); header('Location: '. generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST']));
exit; exit;
} }
} }