secfilter: fix w_check_sqli(). Character '#' could be used in URI header. Its use should not be considered as an SQL injection attack

src/modules/secfilter/secfilter.c

@@ -265,7 +265,7 @@ static int w_check_sqli(str val)
 	memcpy(cval, val.s, val.len);
 
 	if(strstr(cval, "'") || strstr(cval, "\"") || strstr(cval, "--")
-			|| strstr(cval, "#") || strstr(cval, "%27") || strstr(cval, "%24")
+			|| strstr(cval, "%27") || strstr(cval, "%24")
 			|| strstr(cval, "%60")) {
 		/* Illegal characters found */
 		res = -1;