OF-834: Close Open_redirect
This now reassembles a URL from the path, query, and fragment supplied, and ignores the scheme and network location portions entirely. Thus http://www.google.com/foo redirects to /foo only. Credit to Jonathan Bush, Security Consultant at ProCheckUp http://www.procheckup.com
Showing
Please register or sign in to comment