You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by li...@apache.org on 2010/06/02 10:28:15 UTC
svn commit: r950418 - /shindig/trunk/php/src/gadgets/servlet/FilesServlet.php
Author: lindner
Date: Wed Jun 2 08:28:15 2010
New Revision: 950418
URL: http://svn.apache.org/viewvc?rev=950418&view=rev
Log:
SHINDIG-1332 | Patch from Ram Sharma | wrong replacement in FileContainer
Modified:
shindig/trunk/php/src/gadgets/servlet/FilesServlet.php
Modified: shindig/trunk/php/src/gadgets/servlet/FilesServlet.php
URL: http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/servlet/FilesServlet.php?rev=950418&r1=950417&r2=950418&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/servlet/FilesServlet.php (original)
+++ shindig/trunk/php/src/gadgets/servlet/FilesServlet.php Wed Jun 2 08:28:15 2010
@@ -36,7 +36,7 @@ class FilesServlet extends HttpServlet {
* but doesn't exist a 404 error is returned
*/
public function doGet() {
- $file = str_replace(Config::get('web_prefix') . '/gadgets/files/', '', $_SERVER["REQUEST_URI"]);
+ $file = str_replace(Config::get('web_prefix'), '', $_SERVER["REQUEST_URI"]);
$file = Config::get('javascript_path') . $file;
// make sure that the real path name is actually in the javascript_path, so people can't abuse this to read
// your private data from disk .. otherwise this would be a huge privacy and security issue