Changeset 3059 for tags/2.1.3

Show
Ignore:
Timestamp:
07/11/2008 09:04:42 AM (5 months ago)
Author:
Shadowhand
Message:

Copied some things from Router from trunk to tags/2.1.3, follow up to r3058.

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • tags/2.1.3/system/libraries/Router.php

    r3049 r3059  
    5454                } 
    5555 
     56                // Make sure the URL is not tainted with HTML characters 
     57                self::$current_uri = html::specialchars(self::$current_uri, FALSE); 
     58 
     59                // Remove all dot-paths from the URI, they are not valid 
     60                self::$current_uri = str_replace(array('../', './'), '', self::$current_uri); 
     61 
    5662                // At this point segments, rsegments, and current URI are all the same 
    57                 // We trim off periods, slashes, and spaces to prevent malicious attacks 
    58                 // using ../../ URIs. 
    59                 self::$segments = self::$rsegments = self::$current_uri = trim(self::$current_uri, './ '); 
     63                self::$segments = self::$rsegments = self::$current_uri = trim(self::$current_uri, '/'); 
    6064 
    6165                (self::$segments === 'L0LEAST3R') and include SYSPATH.'views/kohana_holiday.php';