Vid parameter 취약점 필터링

임의값을 vid parameter에 입력하여 취약점 발생 방지 필터링
2026-01-09 03:32:00 +09:00 · 2014-10-20 17:53:50 +09:00 · 2014-10-20 17:53:50 +09:00 · f7113b9d89
commit f7113b9d89
parent dff41b789d
1 changed files with 5 additions and 1 deletions
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@ -1289,10 +1289,14 @@ class Context
 			{
 				$result[$k] = !preg_match('/^[0-9,]+$/', $v) ? (int) $v : $v;
 			}
-			elseif($key === 'mid' || $key === 'vid' || $key === 'search_keyword')
+			elseif($key === 'mid' || $key === 'search_keyword')
 			{
 				$result[$k] = htmlspecialchars($v, ENT_COMPAT | ENT_HTML401, 'UTF-8', FALSE);
 			}
+			elseif($key === 'vid' )
+			{
+				$result[$k] = urlencode($v);
+			}
 			else
 			{
 				$result[$k] = $v;