diff options
| author | ArthurHoaro <arthur@hoa.ro> | 2016-03-21 19:06:46 +0100 |
|---|---|---|
| committer | ArthurHoaro <arthur@hoa.ro> | 2016-03-21 19:06:46 +0100 |
| commit | e15f08d72a7e5f697fe4d64f1bd48465052ca115 (patch) | |
| tree | f71efa1c8163b2ec687f7b9cf759514ccd76eb04 | |
| parent | 890afc32f744859d11b97eb26ed5c030af9b4145 (diff) | |
| download | Shaarli-e15f08d72a7e5f697fe4d64f1bd48465052ca115.tar.gz Shaarli-e15f08d72a7e5f697fe4d64f1bd48465052ca115.tar.zst Shaarli-e15f08d72a7e5f697fe4d64f1bd48465052ca115.zip | |
Use generateLocation to set the redirection in login (and don't escape the url)
| -rw-r--r-- | index.php | 2 |
1 files changed, 1 insertions, 1 deletions
| @@ -483,7 +483,7 @@ if (isset($_POST['login'])) | |||
| 483 | if (isset($_POST['returnurl'])) { | 483 | if (isset($_POST['returnurl'])) { |
| 484 | // Prevent loops over login screen. | 484 | // Prevent loops over login screen. |
| 485 | if (strpos($_POST['returnurl'], 'do=login') === false) { | 485 | if (strpos($_POST['returnurl'], 'do=login') === false) { |
| 486 | header('Location: '. escape($_POST['returnurl'])); | 486 | header('Location: '. generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST'])); |
| 487 | exit; | 487 | exit; |
| 488 | } | 488 | } |
| 489 | } | 489 | } |