diff options
author | jim-p <jimp@pfsense.org> | 2012-10-31 14:23:46 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2012-10-31 14:23:46 -0400 |
commit | bb33a33724161823b6bd35e7f0f19a1d551cda82 (patch) | |
tree | 8e1595be70023808581d8116b334d744596e6212 /usr/local/www/firewall_rules_edit.php | |
parent | e653b6e118bbc28fb60d27529104d73dc44d9631 (diff) | |
download | pfsense-bb33a33724161823b6bd35e7f0f19a1d551cda82.zip pfsense-bb33a33724161823b6bd35e7f0f19a1d551cda82.tar.gz |
Encode the interface parameter before using it in a redirect
Diffstat (limited to 'usr/local/www/firewall_rules_edit.php')
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 119d347..1e7bf9e 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -651,7 +651,7 @@ if ($_POST) { if (isset($_POST['floating'])) header("Location: firewall_rules.php?if=FloatingRules"); else - header("Location: firewall_rules.php?if=" . $_POST['interface']); + header("Location: firewall_rules.php?if=" . htmlspecialchars($_POST['interface'])); exit; } } |