Fix for URL injection vulnerability (Bug #1307966)

git-svn-id: https://svn.roundcube.net/trunk@9 208e9e7b-5314-0410-a742-e7e81cd9613c
author: roundcube <roundcube@208e9e7b-5314-0410-a742-e7e81cd9613c> 2005-09-29 20:30:10 +0000
committer: roundcube <roundcube@208e9e7b-5314-0410-a742-e7e81cd9613c> 2005-09-29 20:30:10 +0000
commit: 1da45b933e35f90a6c84ca652a4eb2e78f946916 (patch)
tree: 5de10294547fd1feb57a9a03a9f5ae29f6f9cccb /roundcubemail/program/steps/error.inc
parent: 63421e8191dd25c04b74ebcecdcd4231625a9ea9 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/roundcubemail/program/steps/error.inc b/roundcubemail/program/steps/error.inc
index efe30407e..9e5757d7b 100644
--- a/roundcubemail/program/steps/error.inc
+++ b/roundcubemail/program/steps/error.inc
@@ -52,7 +52,7 @@ else if ($ERROR_CODE==401)
 else if ($ERROR_CODE==404)
   {
   $__error_title = "REQUEST FAILED/FILE NOT FOUND";
-  $request_url = $GLOBALS['HTTP_HOST'].$GLOBALS['REQUEST_URI'];
+  $request_url = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
   $__error_text  = <<<EOF
 The requested page was not found!<br />
 Please contact your server-administrator.
author	roundcube <roundcube@208e9e7b-5314-0410-a742-e7e81cd9613c>	2005-09-29 20:30:10 +0000
committer	roundcube <roundcube@208e9e7b-5314-0410-a742-e7e81cd9613c>	2005-09-29 20:30:10 +0000
commit	1da45b933e35f90a6c84ca652a4eb2e78f946916 (patch)
tree	5de10294547fd1feb57a9a03a9f5ae29f6f9cccb /roundcubemail/program/steps/error.inc
parent	63421e8191dd25c04b74ebcecdcd4231625a9ea9 (diff)