diff options
Diffstat (limited to 'www/apache22')
| -rw-r--r-- | www/apache22/files/patch-secfix-CAN-2005-3352 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/www/apache22/files/patch-secfix-CAN-2005-3352 b/www/apache22/files/patch-secfix-CAN-2005-3352 index cc97428d6b80..ec323c26da5a 100644 --- a/www/apache22/files/patch-secfix-CAN-2005-3352 +++ b/www/apache22/files/patch-secfix-CAN-2005-3352 @@ -5,7 +5,7 @@ referer = apr_table_get(r->headers_in, "Referer"); if (referer && *referer) { - return apr_pstrdup(r->pool, referer); -+ return apr_escape_html(r->pool, referer); ++ return ap_escape_html(r->pool, referer); } else { /* XXX: This used to do *value = '\0'; ... which is totally bogus |