fixes for GHSA-85r3-mf4x-qp8f
@@ -10,9 +10,7 @@
|
||||
* Forward a `sid` to GPM when downloading a premium package
|
||||
1. [](#bugfix)
|
||||
* Escape page title in `pages` field
|
||||
* Fixed unused task RemoveMedia, it cannot be used directly anymore
|
||||
* Tightened checks when removing a media file
|
||||
* Removed unused parameter in file field
|
||||
* Fixed backup download URL [GHSA-85r3-mf4x-qp8f](https://github.com/getgrav/grav-plugin-admin/security/advisories/GHSA-85r3-mf4x-qp8f)
|
||||
|
||||
# v1.9.17
|
||||
## 10/07/2020
|
||||
|
||||
@@ -1325,10 +1325,9 @@ class AdminController extends AdminBaseController
|
||||
|
||||
try {
|
||||
if ($download) {
|
||||
$file = base64_decode(urldecode($download));
|
||||
$backups_root_dir = $this->grav['locator']->findResource('backup://', true);
|
||||
|
||||
if (0 !== strpos($file, $backups_root_dir)) {
|
||||
$filename = basename(base64_decode(urldecode($download)));
|
||||
$file = $this->grav['locator']->findResource("backup://{$filename}", true);
|
||||
if (!$file) {
|
||||
header('HTTP/1.1 401 Unauthorized');
|
||||
exit();
|
||||
}
|
||||
|
||||
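Review bot: An empty or undecodable `$download` still gets past the `if (!$file)` guard on the new side: `basename('')` yields `''`, and this same hunk resolves the bare scheme with `findResource('backup://', true)` to obtain the backup root directory, so `findResource("backup://{$filename}", true)` with an empty name would presumably return that directory, which is truthy. Tighten the guard to require a regular file, `if (!$file || !is_file($file)) {`, and consider `base64_decode(urldecode($download), true)` so malformed input yields `false` instead of a best-effort string. A 404 or 403 would also describe the failure better than `401 Unauthorized` for a name that simply does not resolve. The enclosing method begins and ends outside the hunk, so I cannot see whether a later check already covers the directory case.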
@@ -19,7 +19,7 @@
|
||||
<td>{{ backup.title }}</td>
|
||||
<td class="right pad">{{ backup.size|nicefilesize }}</td>
|
||||
<td class="right pad nowrap" >
|
||||
<a class="button button-small hint--bottom" href="{{ grav.backups.getBackupDownloadUrl(backup.path, admin.base) }}" data-hint="Download"><i class="fa fa-download"></i></a>
|
||||
<a class="button button-small hint--bottom" href="{{ grav.backups.getBackupDownloadUrl(backup.filename, admin.base) }}" data-hint="Download"><i class="fa fa-download"></i></a>
|
||||
<span class="button button-small danger hint--bottom" data-hint="Delete" data-backup data-ajax="{{ backup_delete }}"><i class="fa fa-close"></i></span>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||