diff options
| author | nachoparker <nacho@ownyourbits.com> | 2018-06-04 20:29:32 +0300 |
|---|---|---|
| committer | nachoparker <nacho@ownyourbits.com> | 2018-06-04 20:29:32 +0300 |
| commit | 05c14ce868dd2d5f5020462c09dfbf393990142d (patch) | |
| tree | 736426c46d19695dad2c71c7c4f777f27b529165 /ncp-web/ncp-launcher.php | |
| parent | 3c462f650b98ee5190bf2b1372f14c8ffab28c12 (diff) | |
ncp-web: sanitize the ref parameterv0.56.17
Diffstat (limited to 'ncp-web/ncp-launcher.php')
| -rw-r--r-- | ncp-web/ncp-launcher.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ncp-web/ncp-launcher.php b/ncp-web/ncp-launcher.php index 5e8ceafc..0b28f4c8 100644 --- a/ncp-web/ncp-launcher.php +++ b/ncp-web/ncp-launcher.php @@ -92,8 +92,12 @@ if ( $_POST['action'] == "cfgreq" ) else if ( $_POST['action'] == "launch" && $_POST['config'] ) { + // sanity checks if ( !$_POST['ref'] ) exit( '{ "output": "Invalid request" }' ); + preg_match( '/^[a-z-]+$/' , $_POST['ref'] , $matches ) + or exit( '{ "output": "Invalid input" , "token": "' . getCSRFToken() . '" }' ); + // CSRF check $token = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : ''; if ( empty($token) || !validateCSRFToken($token) ) |