From 28ef238a5ccd41833de364ab14ff21a254a9beaf Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 1 Nov 2014 16:26:40 +0100
Subject: [ticket/security-164] Sanitize all global variables in
 symfony_request class

SECURITY-164
---
 phpBB/phpbb/symfony_request.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'phpBB/phpbb/symfony_request.php')

diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php
index bf9ddec493..ad949a35f2 100644
--- a/phpBB/phpbb/symfony_request.php
+++ b/phpBB/phpbb/symfony_request.php
@@ -38,6 +38,9 @@ class symfony_request extends Request
 
 		array_walk_recursive($get_parameters, $sanitizer);
 		array_walk_recursive($post_parameters, $sanitizer);
+		array_walk_recursive($server_parameters, $sanitizer);
+		array_walk_recursive($files_parameters, $sanitizer);
+		array_walk_recursive($cookie_parameters, $sanitizer);
 
 		parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters);
 	}
-- 
cgit v1.2.1