From 46abc613e2ff04f8953e2b94abac5b97d03d0f71 Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Wed, 7 Aug 2019 10:34:20 +0200 Subject: init.php: urldecode() QUERY_STRING and REQUEST_URI before cleaning --- init.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/init.php b/init.php index 3ea1c4d..ee01831 100644 --- a/init.php +++ b/init.php @@ -6,7 +6,7 @@ $_SERVER['QUERY_STRING'] = htmlspecialchars( preg_replace( '/%.?.?/', '', - $_SERVER['QUERY_STRING'] + urldecode($_SERVER['QUERY_STRING']) ) ) ); @@ -16,7 +16,7 @@ $_SERVER['REQUEST_URI'] = htmlspecialchars( preg_replace( '/%.?.?/', '', - $_SERVER['REQUEST_URI'] + urldecode($_SERVER['REQUEST_URI']) ) ) ); -- cgit v1.2.3-70-g09d2