fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

I solved some issues with Directory traversal

Browse Source
This commit is contained in:
Paula V. Quispe
2015-03-26 14:55:51 -04:00
parent c2d32d4f59
commit f4664ce34c
3 changed files with 43 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
workflow/engine/methods/cases/casesStreamingFile.php
View File

@@ -54,6 +54,9 @@ exit;
function rangeDownload($location,$mimeType)
{
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$location = $filter->xssFilterHard($location, "path");
if (!file_exists($location))
{
header ("HTTP/1.0 404 Not Found");