Fixed a grave security issue

Stefan Ritter 2009-07-21 17:27:23 +02:00
parent 6203534223
commit 479e4490bc
1 changed files with 7 additions and 1 deletions


@ -123,9 +123,15 @@ except: errorpage("newest_first")
# Read POST Variables # Read POST Variables
action = cgi.FieldStorage() action = cgi.FieldStorage()
month_display = action.getvalue('m') month_display = action.getvalue('m')
static_display = action.getvalue('s') static_display = action.getvalue('s')
if static_display: static_display = re.sub('/', '', static_display)
post_display = action.getvalue('p') post_display = action.getvalue('p')
if post_display: post_display = re.sub(' ', '-', post_display) if post_display:
post_display = re.sub(' ', '-', post_display)
post_display = re.sub('/', '', post_display)
allentries_display = action.getvalue('a') allentries_display = action.getvalue('a')
feed_display = action.getvalue('feed') feed_display = action.getvalue('feed')
if not month_display: month_display = "" if not month_display: month_display = ""
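Review bot: Stripping only `/` in the added `re.sub('/', '', …)` lines for `static_display` and `post_display` is a denylist that leaves backslashes, NUL bytes and dot-only names untouched. If these values end up in a file path (that code is outside the hunk), an allowlist is the more robust check, for example `post_display = re.sub(r'[^A-Za-z0-9_-]', '', post_display)`, with the character set adjusted to the names the blog actually uses. `action.getvalue()` returns a list when a parameter is repeated in the request, so `re.sub` would raise a `TypeError` on such input; `action.getfirst('p')` avoids that. In the lines visible here `month_display`, `allentries_display` and `feed_display` get no equivalent filtering, which is worth confirming against how they are used further down.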