From: Moritz Bunkus Date: Wed, 10 Feb 2016 12:26:58 +0000 (+0100) Subject: CustomerVendor-Controller: Callback nicht 2x escapen X-Git-Tag: release-3.4.1~431 X-Git-Url: http://wagnertech.de/git?a=commitdiff_plain;h=897668e98733ed799c193eaacf722f863412cbc8;p=kivitendo-erp.git CustomerVendor-Controller: Callback nicht 2x escapen url_for() escapet die Parameter bereits, daher ist es schädlich, das vorher auch noch manuell zu tun. Behebt #128. --- diff --git a/SL/Controller/CustomerVendor.pm b/SL/Controller/CustomerVendor.pm index 625ec62e0..a624ba27b 100644 --- a/SL/Controller/CustomerVendor.pm +++ b/SL/Controller/CustomerVendor.pm @@ -264,7 +264,6 @@ sub _transaction { $self->_save(); - my $callback = $::form->escape($::form->{callback}, 1); my $name = $::form->escape($self->{cv}->name, 1); my $db = $self->is_vendor() ? 'vendor' : 'customer'; @@ -275,7 +274,7 @@ sub _transaction { $db .'_id' => $self->{cv}->id, $db => $name, type => $::form->{type}, - callback => $callback, + callback => $::form->{callback}, ); print $::form->redirect_header($url);