diff options
author | plegall <plg@piwigo.org> | 2010-09-13 18:40:34 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2010-09-13 18:40:34 +0000 |
commit | 25ca538c0c59d14df1c76a557c7f76da9019f643 (patch) | |
tree | 247edf7fc0ddff9f7ea36e9042dd126aea24848c | |
parent | e05f2b5e613c39801c8665bffb1222c353485431 (diff) |
bug 1848 fixed: do not print methodName in header to avoid CRLF attack.
git-svn-id: http://piwigo.org/svn/branches/2.1@6890 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | include/ws_core.inc.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/ws_core.inc.php b/include/ws_core.inc.php index 043c2c112..28f834a76 100644 --- a/include/ws_core.inc.php +++ b/include/ws_core.inc.php @@ -477,7 +477,7 @@ Request format: ".@$this->_requestFormat." Response format: ".@$this->_responseF if ( $method==null ) { - return new PwgError(WS_ERR_INVALID_METHOD, 'Method name "'.$methodName.'" is not valid'); + return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid'); } // parameter check and data coercion ! |