sanitize the format variable

author Don Armstrong <don@volo>

Tue, 20 Feb 2007 08:05:40 +0000 (00:05 -0800)

committer Don Armstrong <don@volo>

Tue, 20 Feb 2007 08:05:40 +0000 (00:05 -0800)
author Don Armstrong <don@volo>
Tue, 20 Feb 2007 08:05:40 +0000 (00:05 -0800)
committer Don Armstrong <don@volo>
Tue, 20 Feb 2007 08:05:40 +0000 (00:05 -0800)
diff --git a/cgi/version.cgi b/cgi/version.cgi

index c1df6918a0e4a21c3548f2a0c83b56b0ad454ba2..d75edcf2cff233fbea5ac2801f778ed316364dd8 100755 (executable)
--- a/cgi/version.cgi
+++ b/cgi/version.cgi
@@ -66,6 +66,14 @@ if (defined $cgi_var{height}) {
       $cgi_var{height} = $1;
  }
  
+if (defined $cgi_var{format}) {
+     $cgi_var{format} =~ /(png|svg|jpg|gif)/;
+     $cgi_var{format} = $1 || 'png';
+}
+else {
+     $cgi_var{format} = 'png';
+}
+
  # then figure out which are affected.
  # turn found and fixed into full versions
  @{$cgi_var{found}} = makesourceversions($cgi_var{package},undef,@{$cgi_var{found}});
author	Don Armstrong <don@volo>
	Tue, 20 Feb 2007 08:05:40 +0000 (00:05 -0800)
committer	Don Armstrong <don@volo>
	Tue, 20 Feb 2007 08:05:40 +0000 (00:05 -0800)