amass/ZLMediaKit
1
0
Fork 0
mirror of https://github.com/ZLMediaKit/ZLMediaKit.git synced 2024-11-22 10:40:05 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

修复逻辑判断不严禁XSS攻击,server在windows debug运行时拒绝服务攻击:#2213

Browse Source
This commit is contained in:
baiyfcu 2023-03-03 14:44:59 +08:00
parent 4783ac0808
commit a5c3db4ee1
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Http/HttpFileManager.cpp
View File

@ -496,6 +496,10 @@ void HttpFileManager::onAccessPath(Session &sender, Parser &parser, const HttpFi
auto fullUrl = string(HTTP_SCHEMA) + "://" + parser["Host"] + parser.FullUrl(); auto fullUrl = string(HTTP_SCHEMA) + "://" + parser["Host"] + parser.FullUrl();
MediaInfo media_info(fullUrl); MediaInfo media_info(fullUrl);
auto file_path = getFilePath(parser, media_info, sender); auto file_path = getFilePath(parser, media_info, sender);
if (file_path.size() == 0) {
sendNotFound(cb);
return;
}
//访问的是文件夹 //访问的是文件夹
if (File::is_dir(file_path.data())) { if (File::is_dir(file_path.data())) {
auto indexFile = searchIndexFile(file_path); auto indexFile = searchIndexFile(file_path);