mirrors/h5ai
1
0
Fork 0
mirror of https://github.com/lrsjng/h5ai.git synced 2025-05-25 20:44:53 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Secures ABS_HREF.

Browse source
This commit is contained in:
Lars Jung 2013-07-15 00:17:10 +02:00
parent 4c8bb24267
commit 1be30a8e74
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/_h5ai/server/php/index.php
View file

@ -12,7 +12,9 @@ function normalize_path($path, $trailing_slash = false) {
define("APP_ABS_PATH", normalize_path(dirname(dirname(dirname(__FILE__))))); define("APP_ABS_PATH", normalize_path(dirname(dirname(dirname(__FILE__)))));
// define("APP_ABS_HREF", normalize_path(dirname(dirname(dirname(getenv("SCRIPT_NAME")))), true)); // define("APP_ABS_HREF", normalize_path(dirname(dirname(dirname(getenv("SCRIPT_NAME")))), true));
define("APP_ABS_HREF", normalize_path(dirname(dirname(dirname(preg_replace('#^.*//#', '/', getenv("SCRIPT_NAME"))))), true)); // fixes lighttpd issues define("APP_ABS_HREF", normalize_path(dirname(dirname(dirname(preg_replace('#^.*//#', '/', getenv("SCRIPT_NAME"))))), true)); // fixes lighttpd issues
define("ABS_HREF", normalize_path(preg_replace('/[^\\/]*$/', '', getenv("REQUEST_URI")), true)); $url_parts = parse_url(getenv("REQUEST_URI"));
define("ABS_HREF", normalize_path($url_parts["path"]), true);
function normalized_require_once($lib) { function normalized_require_once($lib) {