Commit Graph

7 Commits (3588d5186ef7321fa573adbb62f42b05d7a138be)

Author SHA1 Message Date
Andrew Dolgov a817d3794d * use get_random_bytes() for CSRF token
* get_random_bytes: use PHP7 random_bytes() if it is available
* validate CSRF token using hash_equals
4 years ago
Andrew Dolgov 91e1542a82 af_proxy_http: require separate token to access imgproxy 4 years ago
Andrew Dolgov 79f102c25d af_proxy_http: never print received data directly, always redirect to cached_url
cache/getUrl: basename() passed filename just in case
4 years ago
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
4 years ago
Andrew Dolgov 10c63ed582 pluginhost: add helper methods to get private/public pluginmethod endpoint URLs 5 years ago
Andrew Dolgov bdf29856fb fix several leftover mentions of old (renamed) class name, duh 5 years ago
Andrew Dolgov de5669f723 af_zz_imgproxy: rename to af_proxy_http, use priority hook loader 5 years ago