Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
drupal
Commits
6baece1e
Commit
6baece1e
authored
Oct 17, 2006
by
Steven Wittens
Browse files
- Clarify utf-7 exploit in drupal_set_header()
parent
1238ccd6
Changes
1
Hide whitespace changes
Inline
Side-by-side
includes/common.inc
View file @
6baece1e
...
...
@@ -127,6 +127,9 @@ function drupal_clear_path_cache() {
/**
* Set an HTTP response header for the current page.
*
* Note: when sending a Content-Type header, always include a 'charset' type
* too. This is necessary to avoid security bugs (e.g. UTF-7 XSS).
*/
function
drupal_set_header
(
$header
=
NULL
)
{
// We use an array to guarantee there are no leading or trailing delimiters.
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment