Commit d3cd5644 authored by mikeytown2's avatar mikeytown2
parent e5071f32
......@@ -2366,6 +2366,15 @@ function boost_is_cacheable($path) {
}
$normal_path = drupal_get_normal_path($path); // normalize path
$full = $normal_path . '-' . $GLOBALS['_boost_query'];
$decoded1 = urldecode($full);
$decoded2 = urldecode($decoded1);
while ($decoded1 != $decoded2) {
$decoded1 = urldecode($decoded2);
$decoded2 = urldecode($decoded1);
}
$decoded = $decoded2;
unset($decoded2);
unset($decoded1);
// Never cache
// the user login/registration/password/reset pages
......@@ -2377,7 +2386,7 @@ function boost_is_cacheable($path) {
// openid login page
// filefield upload progress page
// URL variables that contain / or \
// if incoming URL contains '..' or null bytes
// if incoming URL contains '..' or null bytes or ://
// Limit the maximum directory nesting depth of the path
// Do not cache if destination is set
if ( $normal_path == 'user'
......@@ -2393,6 +2402,7 @@ function boost_is_cacheable($path) {
|| strpos($GLOBALS['_boost_query'], "\\")
|| strpos($full, '..') !== FALSE
|| strpos($full, "\0") !== FALSE
|| strpos($decoded, "://") !== FALSE
|| count(explode('/', $path)) > BOOST_MAX_PATH_DEPTH
|| !empty($_GET['destination'])
) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment