From 39f459eb0407cdf4bd0a072828300d161a0ef4e8 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Wed, 14 Aug 2019 10:45:46 +0300
Subject: [PATCH] public/cached_url: forbid sending files with extensions
---
 classes/handler/public.php | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/classes/handler/public.php b/classes/handler/public.php
index 4c904231e..eb5363eab 100755
--- a/classes/handler/public.php
+++ b/classes/handler/public.php
@@ -1204,6 +1204,9 @@ class Handler_Public extends Handler {
 function cached_url() {
 list ($cache_dir, $filename) = explode("/", $_GET["file"], 2);
 
+ // we do not allow files with extensions at the moment
+ $filename = str_replace(".", "", $filename);
+
 $cache = new DiskCache($cache_dir);
 
 if ($cache->exists($filename)) {
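Review bot: The new filter covers only `$filename`; `$cache_dir`, the other half of the untrusted `$_GET["file"]`, still reaches `new DiskCache($cache_dir)` unchanged, and `$filename` can still contain `/` because `explode` is limited to two parts. Unless `DiskCache` validates both values itself (not visible in this hunk), the same restriction should apply to the directory part as well. Stripping dots also silently maps a request for `a.b` onto the cache entry `ab`, so rejecting is clearer than rewriting, e.g. `if (strpos($cache_dir, ".") !== false || strpos($filename, ".") !== false || strpos($filename, "/") !== false) return;` placed ahead of the `DiskCache` call, paired with whatever not-found response the rest of `cached_url()` uses. The function body continues past the end of the hunk, so how a rejected name should be reported has to be checked there.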