Create $returntoquery variable properly
The $returntoquery variable is created only when request wasn't posted, but the variable can be accessed on POSTed request. To fix that issue we need to always define $returntoquery as an empty array. This is done in order to prevent leak of any sensitive data sent by POST request. The sample error from fatalmonitor: Undefined variable: returntoquery in skins/MinervaNeue/includes/skins/SkinMinerva.php on line 701 Bug: T205449 Change-Id: I20e5955ddcb99c110a3dc03fb3b56c1904601453
This commit is contained in:
parent
8c587c58c9
commit
71cbed60fb
|
@ -661,6 +661,8 @@ class SkinMinerva extends SkinTemplate {
|
|||
*/
|
||||
protected function insertLogInOutMenuItem( MenuBuilder $menu ) {
|
||||
$query = [];
|
||||
$returntoquery = [];
|
||||
|
||||
if ( !$this->getRequest()->wasPosted() ) {
|
||||
$returntoquery = $this->getRequest()->getValues();
|
||||
unset( $returntoquery['title'] );
|
||||
|
|
Loading…
Reference in New Issue