extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-08 00:54:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

removed unneeded truncation of sensitive data - sensitive data must not be given at all to notifications link array

Browse Source
This commit is contained in:
Christian Binder 2009-10-09 19:22:39 +00:00
parent be0c204cfa
commit 29e477f912
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
notifications/inc/class.notifications_popup.inc.php
View File

@ -154,8 +154,7 @@ class notifications_popup implements notifications_iface {
if(!$link->popup) { $link->view['no_popup'] = 1; }
$url = html::link('/index.php', $link->view);
// do not expose sensitive data
$url = preg_replace('/(sessionid|kp3|domain)=[^&]+&?/','',$url);
// extract application-icon from menuaction
if($link->view['menuaction']) {
$menuaction_arr = explode('.',$link->view['menuaction']);