aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2010-09-13 18:40:34 +0000
committerplegall <plg@piwigo.org>2010-09-13 18:40:34 +0000
commit25ca538c0c59d14df1c76a557c7f76da9019f643 (patch)
tree247edf7fc0ddff9f7ea36e9042dd126aea24848c
parente05f2b5e613c39801c8665bffb1222c353485431 (diff)
bug 1848 fixed: do not print methodName in header to avoid CRLF attack.
git-svn-id: http://piwigo.org/svn/branches/2.1@6890 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r--include/ws_core.inc.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/ws_core.inc.php b/include/ws_core.inc.php
index 043c2c112..28f834a76 100644
--- a/include/ws_core.inc.php
+++ b/include/ws_core.inc.php
@@ -477,7 +477,7 @@ Request format: ".@$this->_requestFormat." Response format: ".@$this->_responseF
if ( $method==null )
{
- return new PwgError(WS_ERR_INVALID_METHOD, 'Method name "'.$methodName.'" is not valid');
+ return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid');
}
// parameter check and data coercion !