From 6fbea5dc56bbc91917b639bd5dcf42fce05d3919 Mon Sep 17 00:00:00 2001
From: Dominique Fournier <dominique@fournier38.fr>
Date: Thu, 7 May 2015 14:40:25 +0000
Subject: [PATCH] route : the redirect can be done outside the site, with a
 warning

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@2161 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
---
 route.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/route.php b/route.php
index f2bc1dd..322ba66 100644
--- a/route.php
+++ b/route.php
@@ -190,7 +190,7 @@ class route
     // Allow to redirect from POST to GET, but not GET to GET (can loop)
     if ($destURL === $requestURL && $_SERVER["REQUEST_METHOD"] === "GET")
       throw new Exception ("Redirect to myself", 508);
-    if (substr_count ("../", $baseURL) > 1+ substr_count ("/", $destURL))
+    if (substr_count ($baseURL, "../") > 1+ substr_count ($destURL,"/"))
       throw new Exception ("Can't redirect outside this site (Base $baseURL)",
                            405);