From 5651c47b1d5ea4baba78ddf25b23633f9400ab29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20=C5=A0ediv=C3=BD?= Date: Sat, 15 Jan 2022 20:07:35 +0100 Subject: [PATCH] fix url escape. --- index.php | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/index.php b/index.php index a11920a..a55cd28 100644 --- a/index.php +++ b/index.php @@ -13,12 +13,6 @@ if(empty($_SESSION['token'])){ function escape($str) { return htmlspecialchars($str, ENT_QUOTES, 'UTF-8'); } -function encodeURIComponent($str) { - return rawurlencode($str); -} -function encodeURI($str) { - return implode('/', array_map('rawurlencode', explode('/', $str))); -} //$.ajaxSetup({headers:{'Csrf-Token':'token'}}); @@ -50,7 +44,7 @@ if(!empty($styles)){ } $styles = array_unique($styles); - $styles = array_map('encodeURI', $styles); + $styles = array_map('escape', $styles); $styles_html = ''.PHP_EOL.''.PHP_EOL; } @@ -63,14 +57,14 @@ if(!empty($scripts)){ } $scripts = array_unique($scripts); - $scripts = array_map('encodeURI', $scripts); + $scripts = array_map('escape', $scripts); $scripts_html = ''.PHP_EOL.''.PHP_EOL; } // Use version suffix in URLs to prevent cache $versionSuffix = ''; if (Config::get_safe("version", false)) { - $versionSuffix = '?v='.encodeURIComponent(Config::get("version")); + $versionSuffix = '?v='.rawurlencode(Config::get("version")); } ?> @@ -85,7 +79,7 @@ if (Config::get_safe("version", false)) { - .css" rel="stylesheet" type="text/css" /> + .css" rel="stylesheet" type="text/css" /> @@ -187,7 +181,7 @@ if (Config::get_safe("version", false)) {