projects
/
mirror
/
userdir-ldap-cgi.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
31819fd
)
Revert "XSS bug in db.debian.org"
author
Martin Zobel-Helas
<zobel@debian.org>
Fri, 6 Sep 2013 20:21:25 +0000
(22:21 +0200)
committer
Martin Zobel-Helas
<zobel@debian.org>
Fri, 6 Sep 2013 20:21:25 +0000
(22:21 +0200)
This reverts commit
784c4020017d260775339c1231052ca4eb387f02
.
search.cgi
patch
|
blob
|
history
diff --git
a/search.cgi
b/search.cgi
index
42ad3d6
..
dc9f948
100755
(executable)
--- a/
search.cgi
+++ b/
search.cgi
@@
-236,7
+236,7
@@
if (!$dosearch) {
# If this is ourselves, present a link to do mods
if ($auth && ($id eq $data->{uid}->[0])) { #TODO: extract this string into a url for translation...
# If this is ourselves, present a link to do mods
if ($auth && ($id eq $data->{uid}->[0])) { #TODO: extract this string into a url for translation...
- $outsub{searchresults} .= "<a href=\"$proto://$ENV{SERVER_NAME}/$config{webupdateurl}?id=
".uri_escape($id)."&authtoken=".uri_escape($authtoken)."
&editdn=".uri_escape($dn, "\x00-\x40\x7f-\xff")."\">Edit my settings</a>\n";
+ $outsub{searchresults} .= "<a href=\"$proto://$ENV{SERVER_NAME}/$config{webupdateurl}?id=
$id&authtoken=$authtoken
&editdn=".uri_escape($dn, "\x00-\x40\x7f-\xff")."\">Edit my settings</a>\n";
}
$outsub{searchresults} .= "<br><br><br>\n";
}
$outsub{searchresults} .= "<br><br><br>\n";