aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki/CGI.pm
diff options
context:
space:
mode:
Diffstat (limited to 'IkiWiki/CGI.pm')
-rw-r--r--IkiWiki/CGI.pm6
1 files changed, 4 insertions, 2 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 52d3474f5..2a847eb17 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -304,8 +304,9 @@ sub cgi_editpage ($$) { #{{{
# This untaint is safe because we check file_pruned.
my $page=$form->field('page');
$page=possibly_foolish_untaint($page);
+ my $absolute=($page =~ s#^/+##);
if (! defined $page || ! length $page ||
- file_pruned($page, $config{srcdir}) || $page=~/^\//) {
+ file_pruned($page, $config{srcdir})) {
error("bad page name");
}
@@ -424,7 +425,8 @@ sub cgi_editpage ($$) { #{{{
if (! defined $from || ! length $from ||
$from ne $form->field('from') ||
file_pruned($from, $config{srcdir}) ||
- $from=~/^\// ||
+ $from=~/^\// ||
+ $absolute ||
$form->submitted eq "Preview") {
@page_locs=$best_loc=$page;
}
generated by cgit v1.2.3 (git 2.25.4) at 2024-06-07 10:06:57 +0000