diff options
| author | Joas Schilling <nickvergessen@gmx.de> | 2015-04-11 17:43:06 +0200 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2015-04-25 17:22:10 +0200 |
| commit | 463c62df1847a3791fb7ec23b72c2f72bed12938 (patch) | |
| tree | aa90367dc4217165b93c492984403f3de5681960 /phpBB/includes/functions.php | |
| parent | 35d2467c94e8bb4b7c9c4919d5c6a3c98e0c85ed (diff) | |
| download | forums-463c62df1847a3791fb7ec23b72c2f72bed12938.tar forums-463c62df1847a3791fb7ec23b72c2f72bed12938.tar.gz forums-463c62df1847a3791fb7ec23b72c2f72bed12938.tar.bz2 forums-463c62df1847a3791fb7ec23b72c2f72bed12938.tar.xz forums-463c62df1847a3791fb7ec23b72c2f72bed12938.zip | |
[ticket/13765] Verify SERVER_PROTOCOL has the expected format before using it.
PHPBB3-13765
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index f0657b9016..4ae6e7a018 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2782,7 +2782,7 @@ function send_status_line($code, $message) } else { - if (!empty($_SERVER['SERVER_PROTOCOL'])) + if (!empty($_SERVER['SERVER_PROTOCOL']) && is_string($_SERVER['SERVER_PROTOCOL']) && preg_match('#^HTTP/[0-9]\.[0-9]$#', $_SERVER['SERVER_PROTOCOL'])) { $version = $_SERVER['SERVER_PROTOCOL']; } |