[aur-dev] [PATCH] Redirect back after login

Marcel Korpel marcel.lists at gmail.com
Mon Dec 17 13:10:43 EST 2012

On Sun, Dec 16, 2012 at 7:12 PM, canyonknight <canyonknight at gmail.com> wrote:
> This implementation is susceptible to HTTP header injection.

Ok. You mean in the current 'Location:' line without filtering 0x0a and 0x0d?

> Also note
> the usage of $_SERVER['REQUEST_URI'] had previously been eliminated
> with commit 630f1cbae8473fb05e5f5af7244eccc60fe93812.

If we can't trust $_SERVER['REQUEST_URI'], then how should we
determine the current URL? Using $_SERVER['PATH_INFO'] and
$_SERVER['QUERY_STRING']? Or are these also susceptible to

Regards, Marcel

More information about the aur-dev mailing list