Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
drupal
Commits
2c474d2a
Commit
2c474d2a
authored
Jan 03, 2010
by
webchick
Browse files
#668932
by Damien Tournoud : Remove duplicate sanitzing of HTTP_HOST.
parent
b39cf55f
Changes
1
Hide whitespace changes
Inline
Side-by-side
includes/bootstrap.inc
View file @
2c474d2a
...
...
@@ -580,9 +580,10 @@ function drupal_settings_initialize() {
// Otherwise use $base_url as session name, without the protocol
// to use the same session identifiers across http and https.
list
(
,
$session_name
)
=
explode
(
'://'
,
$base_url
,
2
);
// We escape the hostname because it can be modified by a visitor.
// HTTP_HOST can be modified by a visitor, but we already sanitized it
// in drupal_settings_initialize().
if
(
!
empty
(
$_SERVER
[
'HTTP_HOST'
]))
{
$cookie_domain
=
check_plain
(
$_SERVER
[
'HTTP_HOST'
]
)
;
$cookie_domain
=
$_SERVER
[
'HTTP_HOST'
];
}
}
// Strip leading periods, www., and port numbers from cookie domain.
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment