authorroundcube <roundcube@208e9e7b-5314-0410-a742-e7e81cd9613c>2005-09-29 20:30:10 +0000
committerroundcube <roundcube@208e9e7b-5314-0410-a742-e7e81cd9613c>2005-09-29 20:30:10 +0000
commit1da45b933e35f90a6c84ca652a4eb2e78f946916 (patch)
tree5de10294547fd1feb57a9a03a9f5ae29f6f9cccb /roundcubemail/index.php
parent63421e8191dd25c04b74ebcecdcd4231625a9ea9 (diff)
Fix for URL injection vulnerability (Bug #1307966)
git-svn-id: https://svn.roundcube.net/trunk@9 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/index.php')
-rw-r--r--roundcubemail/index.php14
1 files changed, 13 insertions, 1 deletions
diff --git a/roundcubemail/index.php b/roundcubemail/index.php
index 19623aa30..bdccd379f 100644
--- a/roundcubemail/index.php
+++ b/roundcubemail/index.php
@@ -267,7 +267,19 @@ if ($_task=='settings')
}
+// only allow these templates to be included
+$valid_tasks = array('mail','settings','addressbook');
+
// parse main template
-parse_template($_task);
+if (in_array($_task, $valid_tasks))
+ parse_template($_task);
+
+// if we arrive here, something went wrong
+raise_error(array('code' => 404,
+ 'type' => 'php',
+ 'line' => __LINE__,
+ 'file' => __FILE__,
+ 'message' => "Invalid request"), TRUE, TRUE);
+
?> \ No newline at end of file
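Review bot: The allow-list check on the new `if (in_array($_task, $valid_tasks))` line uses loose comparison, so the guard is only as strict as the type of `$_task`; if `$_task` can arrive as anything other than a plain string (how it is populated is outside this hunk), a non-string value that compares loosely equal to one of the entries would pass, whereas `if (in_array($_task, $valid_tasks, true))` pins the check to an exact string match. The fall-through `raise_error(...)` after the `if` is reached on the valid path too unless `parse_template()` never returns; that is not visible here, so if it does return, a successfully rendered template would be followed by a 404 error, and an explicit `else` branch (or `exit` after `parse_template($_task);`) would make the intent unambiguous. A short comment such as `// parse_template() is expected not to return; anything reaching raise_error() is an unknown task` would record that assumption for the next reader. The enclosing `if ($_task=='settings')` block named in the hunk header begins before this hunk.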