greggy/landingpage-haus-schleusingen
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix #43: Offene Redirects via REQUEST_URI fixen #51

Merged
greggy merged 1 commits from feature/issue-43-open-redirect-fix into main 2026-05-22 08:32:24 +02:00
Conversation 0 Commits 1 Files Changed 1 +3 -3

1 Commits

Author SHA1 Message Date
Claw (KI-Assistent)
d44fb337e2 fix(security): replace REQUEST_URI with fixed path in redirects (#43)
All checks were successful
Deploy Feature Branch to Test / deploy (push) Successful in 24s
Details
Lint / PHP Syntax Check (push) Successful in 33s
Details
Lint / CSS Lint (stylelint) (push) Successful in 1m14s
Details
Lint / HTML Lint (htmlhint) (push) Successful in 1m8s
Details
Lint / PHP Syntax Check (pull_request) Successful in 32s
Details
Lint / CSS Lint (stylelint) (pull_request) Successful in 1m12s
Details
Lint / HTML Lint (htmlhint) (pull_request) Successful in 1m8s
Details 
- Replace all 3 occurrences of $_SERVER['REQUEST_URI'] with '/'
- Prevents potential open redirect via client-controlled REQUEST_URI
- Safe since contact form only exists on homepage

Fix #43
 2026-05-21 23:06:19 +00:00