Fixed legacy paths being too / tolerant.

flash 2023-09-11 20:15:44 +00:00
parent 904d220582
commit 67d9620037


@ -131,11 +131,15 @@ CSRF::init(
$router = $msz->createRouting(); $router = $msz->createRouting();
$msz->startTemplating(); $msz->startTemplating();
$mszRequestPath = $request->getPath(); $mszRequestPath = substr($request->getPath(), 1);
$mszLegacyPathPrefix = MSZ_PUBLIC . '-legacy/'; $mszLegacyPathPrefix = MSZ_PUBLIC . '-legacy/';
$mszLegacyPath = realpath($mszLegacyPathPrefix . $mszRequestPath); $mszLegacyPath = $mszLegacyPathPrefix . $mszRequestPath;
if(!empty($mszLegacyPath) && str_starts_with($mszLegacyPath, $mszLegacyPathPrefix)) { if(!empty($mszLegacyPath) && str_starts_with($mszLegacyPath, $mszLegacyPathPrefix)) {
$mszLegacyPathReal = realpath($mszLegacyPath);
if($mszLegacyPath !== $mszLegacyPathReal && $mszLegacyPath !== $mszLegacyPathReal . '/')
Template::throwError(404);
if(str_starts_with($mszRequestPath, '/manage') && !$msz->hasManageAccess()) if(str_starts_with($mszRequestPath, '/manage') && !$msz->hasManageAccess())
Template::throwError(403); Template::throwError(403);