Skip to content

Commit 9d364f6

Browse files
oscaroterooscarotero
committed
remove urldecode
1 parent f30ce58 commit 9d364f6

File tree

1 file changed

+2
-8
lines changed

1 file changed

+2
-8
lines changed

demo/index.php

Lines changed: 2 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -10,14 +10,8 @@ function get($name, $default = '')
1010
return $default;
1111
}
1212

13-
if ($name === 'url') {
14-
$url = urldecode($_GET['url']);
15-
16-
if (!filter_var($url, FILTER_VALIDATE_URL)) {
17-
return 'http://doNotTryToXSS.invalid';
18-
}
19-
20-
return $url;
13+
if ($name === 'url' && !filter_var($_GET['url'], FILTER_VALIDATE_URL)) {
14+
return 'http://doNotTryToXSS.invalid';
2115
}
2216

2317
return $_GET[$name];

0 commit comments

Comments
 (0)