From e29e3a5cba43ac3094dd0b776dc1cfd78b5c26ae Mon Sep 17 00:00:00 2001
From: John Supplee <john@supplee.com>
Date: Sun, 3 Mar 2019 19:23:58 +0200
Subject: [PATCH] fix QUERY_STRING to only have the image request

---
 management/daemon.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/management/daemon.py b/management/daemon.py
index 7e0d4936..b3f5689c 100755
--- a/management/daemon.py
+++ b/management/daemon.py
@@ -526,12 +526,16 @@ import base64
 @authorized_personnel_only
 def mailgraph():
 	if request.query_string:
-		app.logger.error("QUERY_STRING=%s" % request.query_string)
+		query = request.query_string
+		if '&' in query:
+			query = query.split('&')[0]
+
+		app.logger.error("QUERY_STRING=%s" % query)
 
 		code, bin_out = utils.shell(
 			"check_output",
 			["/usr/share/mailgraph/mailgraph.cgi"],
-			env={"QUERY_STRING": request.query_string},
+			env={"QUERY_STRING": query},
 			return_bytes=True,
 			trap=True
 		)