diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:34:22 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2012-11-11 22:34:22 -0800 |
| commit | 1b0e3600f2004f0977c9906b3f7db56f3ca80f5d (patch) | |
| tree | fbfe999b307ce7ffe1a4db86052e14c0267b3439 /FS | |
| parent | ecca16c3680dc94b13150d07b57d597d9f9482fe (diff) | |
fix XSS
Diffstat (limited to 'FS')
| -rw-r--r-- | FS/FS/ClientAPI/MyAccount.pm | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/FS/FS/ClientAPI/MyAccount.pm b/FS/FS/ClientAPI/MyAccount.pm index 7fe00e65b..d5fe15483 100644 --- a/FS/FS/ClientAPI/MyAccount.pm +++ b/FS/FS/ClientAPI/MyAccount.pm @@ -2004,6 +2004,9 @@ sub _usage_details { $p->{ending} = $end; } + die "illegal beginning" if $beginning !~ /^\d*$/; + die "illegal ending" if $ending !~ /^\d*$/; + my (@usage) = &$callback($svc_x, $p->{beginning}, $p->{ending}, %callback_opt ); |