diff options
Diffstat (limited to 'engine')
-rw-r--r-- | engine/handlers/cache_handler.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/engine/handlers/cache_handler.php b/engine/handlers/cache_handler.php index d08863a00..557b37835 100644 --- a/engine/handlers/cache_handler.php +++ b/engine/handlers/cache_handler.php @@ -40,8 +40,8 @@ $dataroot = $row->value; $dirty_request = $_GET['request']; -// only alphanumeric characters plus / and . and no '..' -$filter = array("options" => array("regexp" => "/^(\.?[a-zA-Z0-9\/]+)+$/")); +// only alphanumeric characters plus /, ., and _ and no '..' +$filter = array("options" => array("regexp" => "/^(\.?[_a-zA-Z0-9\/]+)+$/")); $request = filter_var($dirty_request, FILTER_VALIDATE_REGEXP, $filter); if (!$request) { echo 'Cache error: bad request'; |