From 2de4e82f4ef58744803218324aeb583b5e4a2a59 Mon Sep 17 00:00:00 2001
From: "cst%andrew.cmu.edu" <cst%andrew.cmu.edu>
Date: Mon, 17 Jan 2005 02:37:56 +0000
Subject: [PATCH] Bug 276671 Escape GET variables better Patch by
 g.maone@informaction.com, r=alanjstr

---
 webtools/update/core/inc_browserdetection.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webtools/update/core/inc_browserdetection.php b/webtools/update/core/inc_browserdetection.php
index 9aee303bf6c..2cd48c1ad03 100644
--- a/webtools/update/core/inc_browserdetection.php
+++ b/webtools/update/core/inc_browserdetection.php
@@ -118,7 +118,7 @@ if (!$application) {$application = $moz_array[0];}
 if (!$app_version) {$app_version = $moz_array[1];}
 
 //If the applicatin is user-defined and not the same as what was detected, ignore the detected version and use the user-defined.
-if ($_GET["application"] and $_GET[application] !==$moz_array[0]) {$app_version = $_GET["version"]; }
+if ($_GET["application"] and $_GET["application"] !==$moz_array[0]) {$app_version = escape_string($_GET["version"]); }
 
 
 } else {