diff options
| author | Andy Staudacher <andy.st@gmail.com> | 2009-11-15 19:44:47 -0800 |
|---|---|---|
| committer | Andy Staudacher <andy.st@gmail.com> | 2009-11-15 19:44:47 -0800 |
| commit | 0733dc37fda27a5ba35f9020edf3c66aa41a95a0 (patch) | |
| tree | 6877946232f1b01b1c8709054c689f6658cef34f /modules/gallery/controllers/file_proxy.php | |
| parent | 218493c50be9362d4abed6900a816308fee5d978 (diff) | |
| parent | 9379308f91a476f790fb8d444536719535c584e4 (diff) | |
Merge commit 'upstream/master'
Conflicts:
modules/gallery/tests/xss_data.txt
Diffstat (limited to 'modules/gallery/controllers/file_proxy.php')
| -rw-r--r-- | modules/gallery/controllers/file_proxy.php | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index 8cb90c50..acfd6eb9 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php @@ -32,10 +32,6 @@ class File_Proxy_Controller extends Controller { $request_uri = $this->input->server("REQUEST_URI"); $request_uri = preg_replace("/\?.*/", "", $request_uri); - // Unescape %7E (~), %20 ( ) and %27 (') - // @todo: figure out why we have to do this and unescape everything appropriate - $request_uri = str_replace(array("%7E", "%20", "%27"), array("~", " ", "'"), $request_uri); - // var_uri: http://example.com/gallery3/var/ $var_uri = url::file("var/"); |