Commit 3e81a14a authored by webchick's avatar webchick

#449142 by pwolanin: SA-CORE-2009-005 #2.

parent 1faa09b1
......@@ -1085,6 +1085,8 @@ function request_uri() {
$uri = $_SERVER['SCRIPT_NAME'];
}
}
// Prevent multiple slashes to avoid cross site requests via the Form API.
$uri = '/' . ltrim($uri, '/');
return $uri;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment