- fix multiple vulnerabilities in af_proxy_http

- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions
author: Andrew Dolgov <[email protected]> 2020-09-14 19:46:52 +0300
committer: Andrew Dolgov <[email protected]> 2020-09-14 19:46:52 +0300
commit: c3d14e1fa54c7dade7b1b7955575e2991396d7ef (patch)
tree: adf8415ace77f14bf8042cb518d0c78fecc5baef /classes/handler/public.php
parent: 5b17fdc36281dd11e4ba0830f368a29aaba134da (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/classes/handler/public.php b/classes/handler/public.php
index e6d94e223..135cdcbc7 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -1234,7 +1234,7 @@ class Handler_Public extends Handler {
 	public function pluginhandler() {
 		$host = new PluginHost();
 
-		$plugin_name = clean_filename($_REQUEST["plugin"]);
+		$plugin_name = basename(clean($_REQUEST["plugin"]));
 		$method = clean($_REQUEST["pmethod"]);
 
 		$host->load($plugin_name, PluginHost::KIND_USER, 0);
author	Andrew Dolgov <[email protected]>	2020-09-14 19:46:52 +0300
committer	Andrew Dolgov <[email protected]>	2020-09-14 19:46:52 +0300
commit	c3d14e1fa54c7dade7b1b7955575e2991396d7ef (patch)
tree	adf8415ace77f14bf8042cb518d0c78fecc5baef /classes/handler/public.php
parent	5b17fdc36281dd11e4ba0830f368a29aaba134da (diff)