From 25ca538c0c59d14df1c76a557c7f76da9019f643 Mon Sep 17 00:00:00 2001 From: plegall Date: Mon, 13 Sep 2010 18:40:34 +0000 Subject: bug 1848 fixed: do not print methodName in header to avoid CRLF attack. git-svn-id: http://piwigo.org/svn/branches/2.1@6890 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/ws_core.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/ws_core.inc.php') diff --git a/include/ws_core.inc.php b/include/ws_core.inc.php index 043c2c112..28f834a76 100644 --- a/include/ws_core.inc.php +++ b/include/ws_core.inc.php @@ -477,7 +477,7 @@ Request format: ".@$this->_requestFormat." Response format: ".@$this->_responseF if ( $method==null ) { - return new PwgError(WS_ERR_INVALID_METHOD, 'Method name "'.$methodName.'" is not valid'); + return new PwgError(WS_ERR_INVALID_METHOD, 'Method name is not valid'); } // parameter check and data coercion ! -- cgit v1.2.3