diff options
author | Andrew Dolgov <[email protected]> | 2020-09-14 19:46:52 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2020-09-14 19:46:52 +0300 |
commit | c3d14e1fa54c7dade7b1b7955575e2991396d7ef (patch) | |
tree | adf8415ace77f14bf8042cb518d0c78fecc5baef /classes/diskcache.php | |
parent | 5b17fdc36281dd11e4ba0830f368a29aaba134da (diff) |
- fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
Diffstat (limited to 'classes/diskcache.php')
-rw-r--r-- | classes/diskcache.php | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/classes/diskcache.php b/classes/diskcache.php index 68829b8e3..74415189c 100644 --- a/classes/diskcache.php +++ b/classes/diskcache.php @@ -191,7 +191,7 @@ class DiskCache { ]; public function __construct($dir) { - $this->dir = CACHE_DIR . "/" . clean_filename($dir); + $this->dir = CACHE_DIR . "/" . basename(clean($dir)); } public function getDir() { @@ -227,9 +227,7 @@ class DiskCache { } public function getFullPath($filename) { - $filename = clean_filename($filename); - - return $this->dir . "/" . $filename; + return $this->dir . "/" . basename(clean($filename)); } public function put($filename, $data) { |