referer모듈의 XSS 악용 여지가 있는 코드 수정. (최영대님 제보)

git-svn-id: http://xe-core.googlecode.com/svn/sandbox@5018 201d5d3c-b55e-5fd7-737f-ddc643e51545
2026-04-17 09:24:17 +09:00 · 2008-11-28 02:42:44 +00:00 · 2008-11-28 02:42:44 +00:00 · 3cb0a953b7
commit 3cb0a953b7
parent 4408368cd8
1 changed files with 1 additions and 1 deletions
--- a/modules/referer/referer.controller.php
+++ b/modules/referer/referer.controller.php
@ -21,7 +21,7 @@

 	    $oDB = &DB::getInstance();
 	    $oDB -> begin();
-	    $this->insertRefererLog($referer['host'], $_SERVER["HTTP_REFERER"]);
+	    $this->insertRefererLog($referer['host'], removeHackTag($_SERVER["HTTP_REFERER"]));
 	    $this->deleteOlddatedRefererLogs();
 	    $this->updateRefererStatistics($referer['host']);
 	    $oDB -> commit();