- Patch #520764 by Damien Tournoud, JoshuaRogers, brianV: fixed SA-CORE-2009-007: request values in URL, including password/username.

author: Dries Buytaert <dries@buytaert.net> 2009-12-05 20:17:02 +0000
committer: Dries Buytaert <dries@buytaert.net> 2009-12-05 20:17:02 +0000
commit: ab78dadd5166cce0b09adea43fcd1b8eaf70d440 (patch)
tree: 9cbf85d5fec6f7d9b86196ec7cecc53ba1d0329e /includes/pager.inc
parent: 5b6acba1d2d9d3039fca231ccfc82585fce66590 (diff)
download: brdo-ab78dadd5166cce0b09adea43fcd1b8eaf70d440.tar.gz
brdo-ab78dadd5166cce0b09adea43fcd1b8eaf70d440.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/pager.inc b/includes/pager.inc
index 211fe9a76..7430cfe8c 100644
--- a/includes/pager.inc
+++ b/includes/pager.inc
@@ -180,7 +180,7 @@ class PagerDefault extends SelectQueryExtender {
 function pager_get_query_parameters() {
   $query = &drupal_static(__FUNCTION__);
   if (!isset($query)) {
-    $query = drupal_get_query_parameters($_REQUEST, array_merge(array('q', 'page'), array_keys($_COOKIE)));
+    $query = drupal_get_query_parameters($_GET, array('q', 'page'));
   }
   return $query;
 }
author	Dries Buytaert <dries@buytaert.net>	2009-12-05 20:17:02 +0000
committer	Dries Buytaert <dries@buytaert.net>	2009-12-05 20:17:02 +0000
commit	ab78dadd5166cce0b09adea43fcd1b8eaf70d440 (patch)
tree	9cbf85d5fec6f7d9b86196ec7cecc53ba1d0329e /includes/pager.inc
parent	5b6acba1d2d9d3039fca231ccfc82585fce66590 (diff)
download	brdo-ab78dadd5166cce0b09adea43fcd1b8eaf70d440.tar.gz brdo-ab78dadd5166cce0b09adea43fcd1b8eaf70d440.tar.bz2