This page is currently not used because we redirect to login page in case
of unauthenticated access, but I'm removing it just in case we decide to
change how we handle 403 errors in the future.
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including javascript
code, which could be loaded and executed in a few pages.
Replacing this value with `scriptname` variable fixes the issue, since this
variable contains the name of the file currently being executed. This
information cannot be externally manipulated and it is safe to be used on
the page.
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
