projects / citadel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix error handling to avoid XSS attacks.
[citadel.git] / webcit / webcit.c
diff --git a/webcit/webcit.c b/webcit/webcit.c
index 91fc47e26424c64bf0d85a0ec173554fed1cb5ec..bca779a3ad331009fd6355ce5da49a13f3f83577 100644 (file)
--- a/webcit/webcit.c
+++ b/webcit/webcit.c
@@ -141,7 +141,9 @@ void output_headers(        int do_httpheaders,     /* 1 = output HTTP headers                        */
        wcsession *WCC = WC;
        char httpnow[128];
 
-       if (WCC->Hdr->HaveRange > 1)
+       if (WCC->isFailure) 
+               hprintf("HTTP/2.2 500 Internal Server Error");
+       else if (WCC->Hdr->HaveRange > 1)
                hprintf("HTTP/1.1 206 Partial Content\r\n");
        else
                hprintf("HTTP/1.1 200 OK\r\n");
Citadel server, clients, utilities