summaryrefslogtreecommitdiffstats
path: root/usr/local/www/firewall_rules_edit.php
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2012-10-31 14:23:46 -0400
committerjim-p <jimp@pfsense.org>2012-10-31 14:23:46 -0400
commitbb33a33724161823b6bd35e7f0f19a1d551cda82 (patch)
tree8e1595be70023808581d8116b334d744596e6212 /usr/local/www/firewall_rules_edit.php
parente653b6e118bbc28fb60d27529104d73dc44d9631 (diff)
downloadpfsense-bb33a33724161823b6bd35e7f0f19a1d551cda82.zip
pfsense-bb33a33724161823b6bd35e7f0f19a1d551cda82.tar.gz
Encode the interface parameter before using it in a redirect
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
-rwxr-xr-xusr/local/www/firewall_rules_edit.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php
index 119d347..1e7bf9e 100755
--- a/usr/local/www/firewall_rules_edit.php
+++ b/usr/local/www/firewall_rules_edit.php
@@ -651,7 +651,7 @@ if ($_POST) {
if (isset($_POST['floating']))
header("Location: firewall_rules.php?if=FloatingRules");
else
- header("Location: firewall_rules.php?if=" . $_POST['interface']);
+ header("Location: firewall_rules.php?if=" . htmlspecialchars($_POST['interface']));
exit;
}
}
OpenPOWER on IntegriCloud