aboutsummaryrefslogtreecommitdiffstats
path: root/modules/viewvc/files/setcookieredirect.html
diff options
context:
space:
mode:
Diffstat (limited to 'modules/viewvc/files/setcookieredirect.html')
-rw-r--r--modules/viewvc/files/setcookieredirect.html2
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/viewvc/files/setcookieredirect.html b/modules/viewvc/files/setcookieredirect.html
index d1b7ada4..04ec8e80 100644
--- a/modules/viewvc/files/setcookieredirect.html
+++ b/modules/viewvc/files/setcookieredirect.html
@@ -10,7 +10,7 @@
});
let url = params.to;
// Sanitize redirect path to avoid malicious arbitrary redirects
- if (/^\/[-_a-zA-Z0-9~.?&=/]*$/.test(url)) {
+ if (/^\/[-a-zA-Z0-9~_.?&=/+]*$/.test(url)) {
window.location.href = url;
} else {
window.onload = function() {
generated by cgit v1.2.1 (git 2.21.0) at 2025-05-25 07:22:18 +0000