Vid parameter 취약점 필터링

임의값을 vid parameter에 입력하여 취약점 발생 방지 필터링
2026-04-27 06:13:32 +09:00 · 2014-10-20 17:53:50 +09:00 · 2014-10-20 17:53:50 +09:00 · e018860377
commit e018860377
parent 4b56f1b777
1 changed files with 5 additions and 1 deletions
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@ -1276,10 +1276,14 @@ class Context
 			{
 				$result[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
 			}
-			elseif($key === 'mid' || $key === 'vid' || $key === 'search_keyword')
+			elseif($key === 'mid' || $key === 'search_keyword')
 			{
 				$result[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
 			}
+			elseif($key === 'vid')
+			{
+				$result[$k] = urlencode($v);
+			}
 			else
 			{
 				$result[$k] = $v;