diff options
author | jim-p <jimp@pfsense.org> | 2012-10-31 14:23:46 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-10-31 14:24:15 -0400 |
commit | 7cf76e8bb53dbb637f2800150380601105fb1ce2 (patch) | |
tree | 8dbaa870d3b6ae44f5ff32e1e19961af1e70e8d9 | |
parent | ee8981553bd187ea9eb0d2af88fb48c855a638dc (diff) | |
download | pfsense-7cf76e8bb53dbb637f2800150380601105fb1ce2.zip pfsense-7cf76e8bb53dbb637f2800150380601105fb1ce2.tar.gz |
Encode the interface parameter before using it in a redirect
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index e054a6c..ba9b3ce 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -574,7 +574,7 @@ if ($_POST) { if (isset($_POST['floating'])) header("Location: firewall_rules.php?if=FloatingRules"); else - header("Location: firewall_rules.php?if=" . $_POST['interface']); + header("Location: firewall_rules.php?if=" . htmlspecialchars($_POST['interface'])); exit; } } |