gitweb: No error messages with unescaped/unprotected user input

Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <junkio@cox.net>
19 years ago · e2860ead31
1 changed files with 1 additions and 1 deletions
--- a/gitweb/gitweb.perl
+++ b/gitweb/gitweb.perl
@ -1265,7 +1265,7 @@ sub git_diff_print {
				@@ -1265,7 +1265,7 @@ sub git_diff_print {
 sub git_project_list {
 	my $order = $cgi->param('o');
 	if (defined $order && $order !~ m/project|descr|owner|age/) {
-		die_error(undef, "Invalid order parameter '$order'");
+		die_error(undef, "Unknown order parameter");
 	}

 	my @list = git_read_projects();