Enforce POST requests to only contain POST data.

author Felix Dörre <felix@dogcraft.de>

Thu, 24 Jul 2014 22:49:15 +0000 (00:49 +0200)

committer Felix Dörre <felix@dogcraft.de>

Thu, 24 Jul 2014 23:44:43 +0000 (01:44 +0200)
author Felix Dörre <felix@dogcraft.de>
Thu, 24 Jul 2014 22:49:15 +0000 (00:49 +0200)
committer Felix Dörre <felix@dogcraft.de>
Thu, 24 Jul 2014 23:44:43 +0000 (01:44 +0200)
diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java

index d584cd0956b3e68446fb0eb37b546ea25be1c035..9d1bb1b9afb4b84f56bae564ec02e7dc3fa47721 100644 (file)
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -109,6 +109,9 @@ public class Gigi extends HttpServlet {
                                 public void output(PrintWriter out, Language l, Map<String, Object> vars) {
                                         try {
                                                 if (req.getMethod().equals("POST")) {
+                                                       if (req.getQueryString() != null) {
+                                                               return;
+                                                       }
                                                         p.doPost(req, resp);
                                                 } else {
                                                         p.doGet(req, resp);
author	Felix Dörre <felix@dogcraft.de>
	Thu, 24 Jul 2014 22:49:15 +0000 (00:49 +0200)
committer	Felix Dörre <felix@dogcraft.de>
	Thu, 24 Jul 2014 23:44:43 +0000 (01:44 +0200)