mirror of
https://github.com/ZLMediaKit/ZLMediaKit.git
synced 2024-11-22 10:40:05 +08:00
修复逻辑判断不严禁XSS攻击,server在windows debug运行时拒绝服务攻击:#2213
This commit is contained in:
parent
4783ac0808
commit
a5c3db4ee1
@ -496,6 +496,10 @@ void HttpFileManager::onAccessPath(Session &sender, Parser &parser, const HttpFi
|
||||
auto fullUrl = string(HTTP_SCHEMA) + "://" + parser["Host"] + parser.FullUrl();
|
||||
MediaInfo media_info(fullUrl);
|
||||
auto file_path = getFilePath(parser, media_info, sender);
|
||||
if (file_path.size() == 0) {
|
||||
sendNotFound(cb);
|
||||
return;
|
||||
}
|
||||
//访问的是文件夹
|
||||
if (File::is_dir(file_path.data())) {
|
||||
auto indexFile = searchIndexFile(file_path);
|
||||
|
Loading…
Reference in New Issue
Block a user