aboutsummaryrefslogtreecommitdiff
path: root/engine
diff options
context:
space:
mode:
Diffstat (limited to 'engine')
-rw-r--r--engine/handlers/cache_handler.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/engine/handlers/cache_handler.php b/engine/handlers/cache_handler.php
index d08863a00..557b37835 100644
--- a/engine/handlers/cache_handler.php
+++ b/engine/handlers/cache_handler.php
@@ -40,8 +40,8 @@ $dataroot = $row->value;
$dirty_request = $_GET['request'];
-// only alphanumeric characters plus / and . and no '..'
-$filter = array("options" => array("regexp" => "/^(\.?[a-zA-Z0-9\/]+)+$/"));
+// only alphanumeric characters plus /, ., and _ and no '..'
+$filter = array("options" => array("regexp" => "/^(\.?[_a-zA-Z0-9\/]+)+$/"));
$request = filter_var($dirty_request, FILTER_VALIDATE_REGEXP, $filter);
if (!$request) {
echo 'Cache error: bad request';