Fixed directory traversal vulnerability. (#114)

Awesome find!
Jocelyn Le Sage 2019-04-02 18:37:40 -04:00 committed by jc21
parent 3095cff7d9
commit e7ddcb91fc


@ -3,6 +3,7 @@
const express = require('express'); const express = require('express');
const fs = require('fs'); const fs = require('fs');
const PACKAGE = require('../../../package.json'); const PACKAGE = require('../../../package.json');
const path = require('path')
const router = express.Router({ const router = express.Router({
caseSensitive: true, caseSensitive: true,
@ -29,15 +30,22 @@ router.get(/(.*)/, function (req, res, next) {
version: PACKAGE.version version: PACKAGE.version
}); });
} else { } else {
fs.readFile('dist' + req.params.page, 'utf8', function (err, data) { var p = path.normalize('dist' + req.params.page)
if (err) { if (p.startsWith('dist')) { // Allow access to ressources under 'dist' directory only.
res.render('index', { fs.readFile(p, 'utf8', function (err, data) {
version: PACKAGE.version if (err) {
}); res.render('index', {
} else { version: PACKAGE.version
res.contentType('text/html').end(data); });
} } else {
}); res.contentType('text/html').end(data);
}
});
} else {
res.render('index', {
version: PACKAGE.version
});
}
} }
}); });
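Review bot: The new guard `p.startsWith('dist')` checks a bare prefix, so a normalized path such as `dist-old/secret` or `distribution/x` (from a request like `/../dist-old/secret`) still passes even though it is outside the `dist` directory; the check should require the directory itself or a separator after it, `if (p === 'dist' || p.startsWith('dist' + path.sep)) {` (path.normalize emits the platform separator, so `path.sep` rather than a literal `/` keeps this correct on Windows). Whether such sibling directories exist next to `dist` in this deployment is not visible here, but the check costs nothing and removes the ambiguity. On style, the two added statements `const path = require('path')` and `var p = path.normalize(...)` drop the semicolons the rest of this file uses, and the inline comment has a typo, `// Allow access to resources under 'dist' directory only.`. The enclosing `router.get(/(.*)/, ...)` callback begins before this hunk.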