From 57b558e35e2f2bef752b0e0c653e61db10d60980 Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Sat, 25 Apr 2009 15:20:43 +0000
Subject: [PATCH] - Patch #444154 by c960657: remove header injection check
 that is now redundant thanks to PHP 5.1.2 and beyond.

---
 includes/common.inc | 2 --
 1 file changed, 2 deletions(-)

diff --git a/includes/common.inc b/includes/common.inc
index 6742e8ebe2af..ff44abd28056 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -303,8 +303,6 @@ function drupal_goto($path = '', $query = NULL, $fragment = NULL, $http_response
   }
 
   $url = url($path, array('query' => $query, 'fragment' => $fragment, 'absolute' => TRUE));
-  // Remove newlines from the URL to avoid header injection attacks.
-  $url = str_replace(array("\n", "\r"), '', $url);
 
   // Allow modules to react to the end of the page request before redirecting.
   // We do not want this while running update.php.
-- 
GitLab