1 files changed, 6 insertions, 0 deletions

diff --git a/includes/common.inc b/includes/common.inc
index 234309459..1e4c249a7 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -414,6 +414,12 @@ function search_type($type = 0, $action = 0, $query = 0, $options = 0) {
 function drupal_goto($url) {
 
   /*
+  ** Check the URL to prevent XSS attacks:
+  */
+
+  $url = check_url($url);
+
+  /*
   ** Translate & to simply &
   */