Limit the allowed characters in a request to [a-zA-Z0-9-_.:/= ] everything

else will cause an "invalid character in input" error.
Fixes xss issue noticed by Anton Karpov.
OK henning@, sthen@

0 files changed, 0 insertions, 0 deletions