diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2013-11-17 17:10:17 -0800 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2013-11-17 17:10:17 -0800 |
| commit | f4830f3d053be44857e1a5701b2dde2a3de0d584 (patch) | |
| tree | 1cec5959b442058ad5676fde789af734fac9346f /httemplate/edit/process | |
| parent | 9e92a2d4f301066b672be636e51552bbab9d0d27 (diff) | |
don't redirect to a GET with sensitive data, RT#26099
Diffstat (limited to 'httemplate/edit/process')
| -rwxr-xr-x | httemplate/edit/process/cust_main.cgi | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/httemplate/edit/process/cust_main.cgi b/httemplate/edit/process/cust_main.cgi index ff8be1a71..4fb8f622d 100755 --- a/httemplate/edit/process/cust_main.cgi +++ b/httemplate/edit/process/cust_main.cgi @@ -1,7 +1,7 @@ % if ( $error ) { % $cgi->param('error', $error); -% -<% $cgi->redirect(popurl(2). "cust_main.cgi?". $cgi->query_string ) %> +% my $query = $m->scomp('/elements/create_uri_query', 'secure'=>1); +<% $cgi->redirect(popurl(2). "cust_main.cgi?$query" ) %> % % } else { % |