Use generateLocation to set the redirection in login (and don't escape the url)

This commit is contained in:
ArthurHoaro 2016-03-21 19:06:46 +01:00
parent 890afc32f7
commit e15f08d72a

View file

@ -483,7 +483,7 @@ if (isset($_POST['login']))
if (isset($_POST['returnurl'])) {
// Prevent loops over login screen.
if (strpos($_POST['returnurl'], 'do=login') === false) {
header('Location: '. escape($_POST['returnurl']));
header('Location: '. generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST']));
exit;
}
}