--- gnump3d.orig	2005-10-10 23:38:39.000000000 +0100
+++ gnump3d	2005-10-10 23:41:42.000000000 +0100
@@ -857,6 +857,12 @@
 		my $header   = &getHTTPHeader( 404, "text/html" );
 		&sendData( $data, $header );
 
+
+		#
+		# Prevent XSS attacks
+		#
+		$uri = urlEncode( $uri );
+
 		my $text = &getErrorPage( $ARGUMENTS{'theme'},
 					  $literals->get( "ERROR404" ) );
 		&sendData( $data, $text );
@@ -1086,7 +1092,6 @@
 		        my $header   = &getHTTPHeader( 404, "text/html" );
 			&sendData( $data, $header );
 
-
 			my $text = &getErrorPage( $ARGUMENTS{'theme'},
 						  $literals->get( "EMPTY_PLAYLIST" ) );
 			&sendData( $data, $text );
@@ -1168,6 +1173,11 @@
 		my $header   = &getHTTPHeader( 404, "text/html" );
 		&sendData( $data, $header );
 
+		#
+		# Prevent XSS attacks
+		#
+		$uri = urlEncode( $uri );
+
 		my $text = &getErrorPage( $ARGUMENTS{'theme'},
 					  $literals->get( "ERROR404" ) );
 		&sendData( $data, $text );