From: Jakub Narebski Date: Sat, 5 Aug 2006 11:15:24 +0000 (+0200) Subject: gitweb: No error messages with unescaped/unprotected user input X-Git-Tag: v1.4.3-rc1~274^2~11 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=e2860ead31579a15ee94831f2b9b55e43caa2cac;p=git.git gitweb: No error messages with unescaped/unprotected user input Signed-off-by: Jakub Narebski Signed-off-by: Junio C Hamano --- diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl index 628490145..2e2629ca5 100755 --- a/gitweb/gitweb.perl +++ b/gitweb/gitweb.perl @@ -1265,7 +1265,7 @@ sub git_diff_print { sub git_project_list { my $order = $cgi->param('o'); if (defined $order && $order !~ m/project|descr|owner|age/) { - die_error(undef, "Invalid order parameter '$order'"); + die_error(undef, "Unknown order parameter"); } my @list = git_read_projects();