[LON-CAPA-cvs] cvs: loncom /auth lonlogin.pm
raeburn
raeburn@source.lon-capa.org
Wed, 25 Aug 2010 22:03:51 -0000
raeburn Wed Aug 25 22:03:51 2010 EDT
Modified files:
/loncom/auth lonlogin.pm
Log:
- Sanitize input from query string.
Index: loncom/auth/lonlogin.pm
diff -u loncom/auth/lonlogin.pm:1.141 loncom/auth/lonlogin.pm:1.142
--- loncom/auth/lonlogin.pm:1.141 Wed Aug 25 17:47:21 2010
+++ loncom/auth/lonlogin.pm Wed Aug 25 22:03:51 2010
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Login Screen
#
-# $Id: lonlogin.pm,v 1.141 2010/08/25 17:47:21 raeburn Exp $
+# $Id: lonlogin.pm,v 1.142 2010/08/25 22:03:51 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -69,6 +69,7 @@
return OK;
}
+ $env{'form.firsturl'} =~ =~ s/(`)/'/g;
# -------------------------------- Prevent users from attempting to login twice
my $handle = &Apache::lonnet::check_for_valid_session($r);