public/cached_url: forbid sending files with extensions

author: Andrew Dolgov <[email protected]> 2019-08-14 10:45:46 +0300
committer: Andrew Dolgov <[email protected]> 2019-08-14 10:45:46 +0300
commit: 39f459eb0407cdf4bd0a072828300d161a0ef4e8 (patch)
tree: d50e1ef2e14629bf1b5460ada7d671a669f8dcdd /classes/handler/public.php
parent: d2f1cbfcb1da1277b0be0e527956a4f932bce00a (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 4c904231e..eb5363eab 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -1204,6 +1204,9 @@ class Handler_Public extends Handler {
 	function cached_url() {
 		list ($cache_dir, $filename) = explode("/", $_GET["file"], 2);
 
+		// we do not allow files with extensions at the moment
+		$filename = str_replace(".", "", $filename);
+
 		$cache = new DiskCache($cache_dir);
 
 		if ($cache->exists($filename)) {
author	Andrew Dolgov <[email protected]>	2019-08-14 10:45:46 +0300
committer	Andrew Dolgov <[email protected]>	2019-08-14 10:45:46 +0300
commit	39f459eb0407cdf4bd0a072828300d161a0ef4e8 (patch)
tree	d50e1ef2e14629bf1b5460ada7d671a669f8dcdd /classes/handler/public.php
parent	d2f1cbfcb1da1277b0be0e527956a4f932bce00a (diff)