fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ISSUE-116 Added functionality for plugins with symlink paths

Browse Source
This commit is contained in:
Brayan Pereyra
2025-09-10 15:46:57 +00:00
parent 6e7b1bc7ff
commit 4949243dd8
2 changed files with 12 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
workflow/engine/methods/setup/pluginsChange.php
View File

@@ -60,9 +60,9 @@ function handlePluginChange() {
}
// Secure path validation to prevent directory traversal attacks
$pluginFilePath = realpath(PATH_PLUGINS . $pluginFile);
$pluginDirPath = realpath(PATH_PLUGINS . $pluginName);
$pluginsDir = realpath(PATH_PLUGINS);
$pluginFilePath = PATH_PLUGINS . $pluginFile;
$pluginDirPath = PATH_PLUGINS . $pluginName;
$pluginsDir = PATH_PLUGINS;
// Ensure plugin file is within the allowed plugins directory
if (!$pluginFilePath || strpos($pluginFilePath, $pluginsDir) !== 0) {