diff options
| author | Arnold Daniels <arnold@jasny.net> | 2016-11-29 23:56:03 +0100 |
|---|---|---|
| committer | Arnold Daniels <arnold@jasny.net> | 2016-11-29 23:56:03 +0100 |
| commit | 312fab48f1de4562851a4176285d6a1aca251df2 (patch) | |
| tree | 54a72aa1dceef7f8153fcee59fdddcbf317569b1 /src/Router/Runner/Controller.php | |
| parent | b895c4a0cc966bd397168c5f5dd61a1fb000423e (diff) | |
| download | router-origin/strict-controller-class.zip router-origin/strict-controller-class.tar.gz router-origin/strict-controller-class.tar.bz2 | |
Enforce that the namespace of a controller is done through an arrayorigin/strict-controller-class
Allowing to use a backslash could also lead to security issues
Diffstat (limited to 'src/Router/Runner/Controller.php')
| -rw-r--r-- | src/Router/Runner/Controller.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/Router/Runner/Controller.php b/src/Router/Runner/Controller.php index f230cb9..eb26ecd 100644 --- a/src/Router/Runner/Controller.php +++ b/src/Router/Runner/Controller.php @@ -75,7 +75,7 @@ class Controller extends Runner { return preg_replace_callback('/(?:^|(\w)-)(\w)/', function($match) { return $match[1] . strtoupper($match[2]); - }, strtolower($string)); + }, strtolower(addcslashes($string, '\\'))); } /** |