mirror of
https://github.com/openvk/openvk
synced 2024-12-23 00:51:03 +03:00
[IMPORTANT SECURITY] Fix critical directory traversal vulnerability in theming mechanism
parent
ad89b0a5e2
commit
02dd373460
1 changed files with 2 additions and 2 deletions
|
@ -14,7 +14,7 @@ final class ThemepacksPresenter extends OpenVKPresenter
|
||||||
$theme = Themepacks::i()[$themepack];
|
$theme = Themepacks::i()[$themepack];
|
||||||
|
|
||||||
if($resClass === "resource") {
|
if($resClass === "resource") {
|
||||||
$data = $theme->fetchStaticResource($resource);
|
$data = $theme->fetchStaticResource(chandler_escape_url($resource));
|
||||||
} else if($resClass === "stylesheet") {
|
} else if($resClass === "stylesheet") {
|
||||||
if($resource !== "styles.css")
|
if($resource !== "styles.css")
|
||||||
$this->notFound();
|
$this->notFound();
|
||||||
|
@ -27,7 +27,7 @@ final class ThemepacksPresenter extends OpenVKPresenter
|
||||||
if(!$data)
|
if(!$data)
|
||||||
$this->notFound();
|
$this->notFound();
|
||||||
|
|
||||||
header("Content-Type: " . system_extension_mime_type($resource));
|
header("Content-Type: " . system_extension_mime_type($resource) ?? "text/plain; charset=unknown-8bit");
|
||||||
header("Content-Size: " . strlen($data));
|
header("Content-Size: " . strlen($data));
|
||||||
header("Cache-Control: public, no-transform, max-age=31536000");
|
header("Cache-Control: public, no-transform, max-age=31536000");
|
||||||
exit($data);
|
exit($data);
|
||||||
|
|
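Review bot: On the new `Content-Type` line in the second hunk the `??` fallback can never apply, because `.` binds tighter than `??` in PHP, so the left operand is the already-concatenated string, which is never null. If `system_extension_mime_type()` returns null for an unknown extension, as the fallback implies, the response still goes out with an empty `Content-Type:` value and the browser is left to sniff theme-supplied content; parenthesise the lookup: `header("Content-Type: " . (system_extension_mime_type($resource) ?? "text/plain; charset=unknown-8bit"));`. Separately, the traversal fix in the first hunk depends entirely on how `chandler_escape_url()` treats `..` and path separators, which is not visible here. A check inside `fetchStaticResource()` that the resolved path stays under the theme's own directory would not rely on every caller escaping correctly. The enclosing method starts and ends outside both hunks.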