Commit 57b558e3 authored by Dries's avatar Dries

- Patch #444154 by c960657: remove header injection check that is now...

- Patch #444154 by c960657: remove header injection check that is now redundant thanks to PHP 5.1.2 and beyond.
parent b90912c8
...@@ -303,8 +303,6 @@ function drupal_goto($path = '', $query = NULL, $fragment = NULL, $http_response ...@@ -303,8 +303,6 @@ function drupal_goto($path = '', $query = NULL, $fragment = NULL, $http_response
} }
$url = url($path, array('query' => $query, 'fragment' => $fragment, 'absolute' => TRUE)); $url = url($path, array('query' => $query, 'fragment' => $fragment, 'absolute' => TRUE));
// Remove newlines from the URL to avoid header injection attacks.
$url = str_replace(array("\n", "\r"), '', $url);
// Allow modules to react to the end of the page request before redirecting. // Allow modules to react to the end of the page request before redirecting.
// We do not want this while running update.php. // We do not want this while running update.php.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment