kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/japanese/perl5/files/patch-lib:CGI.pm
Shigeyuki Fukushima e42039bc30 Translate action URL by escapeHTML() (lib/CGI.pm). 
PR:		ports/57390
Submitted by:	IIJIMA Hiromitsu <delmonta@ht.sakura.ne.jp>
2003-10-03 16:27:06 +00:00

13 lines
599 B
Perl
Raw Blame History

--- lib/CGI.pm.orig Fri Feb 12 09:05:57 1999
+++ lib/CGI.pm Sat Oct 4 01:14:41 2003
@@ -1413,8 +1413,8 @@
$method = $method || 'POST';
$enctype = $enctype || &URL_ENCODED;
- $action = $action ? qq/ACTION="$action"/ : $method eq 'GET' ?
- 'ACTION="'.$self->script_name.'"' : '';
+ $action = $action ? 'ACTION="'.$self->escapeHTML($action).'"' : $method eq 'GET' ?
+ 'ACTION="'.$self->escapeHTML($self->script_name).'"' : '';
my($other) = @other ? " @other" : '';
$self->{'.parametersToAdd'}={};
return qq/<FORM METHOD="$method" $action ENCTYPE="$enctype"$other>\n/;
Reference in a new issue View git blame Copy permalink