summaryrefslogtreecommitdiff
path: root/init.php
AgeCommit message (Collapse)Author
2019-08-07init.php: urldecode() QUERY_STRING and REQUEST_URI before cleaningErich Eckner
2019-03-20init.php: do not try to decode %## - it should never appear in valid queries ↵Erich Eckner
- simply delete it
2019-03-19init.php: encode less: only specialchars are ancoded + ampersand in ↵Erich Eckner
QUERY_STRING and REQUEST_URI is /not/ encoded (otherwise parameter separation is broken)
2019-03-18init.php: clean up $_GET, $_SERVER["REQUEST_URI"] and ↵Erich Eckner
$_SERVER["QUERY_STRING"] against xss
2018-06-19Fix include path by generating absolute pathsTyler Dence