4.49 release

5l1v3r1 · Aug 25, 2022 · 958e0f6 · 958e0f6
1 parent d555b05
commit 958e0f6
Show file tree

Hide file tree

Showing 24 changed files with 52 additions and 51 deletions.
diff --git a/app/controller/explorer.class.php b/app/controller/explorer.class.php
@@ -1139,6 +1139,7 @@ public function serverDownload() {
 			show_json(LNG('no_permission_write'),false);
 		}
 		$url = rawurldecode($this->in['url']);
+		if(!request_url_safe($url)){show_json('url error!',false);}
 		if(isset($this->in['name'])){
 			$filename = rawurldecode($this->in['name']);
 		}else{

diff --git a/app/controller/utils.php b/app/controller/utils.php
diff --git a/app/function/web.function.php b/app/function/web.function.php
@@ -540,16 +540,16 @@ function get_headers_curl($url,$timeout=30,$depth=0,&$headers=array()){
 
 // 防止SSRF 攻击;curl,file_get_contents前检测url;
 function request_url_safe($url){
-	$link = trim(strtolower($url));
-	$link = str_replace('\\','/',$link);
-	while (strstr($link,'../')) {
-		$link = str_replace('../', '/', $link);
-	}
-	if( substr($link,0,6) != "ftp://" &&
-		substr($link,0,7) != "http://" &&
-		substr($link,0,8) != "https://" ){
-		return false;
+	$url   = str_replace('\\','/',$url);
+	$allow = array('http','https','ftp');
+	$info  = parse_url($url);$hasAllow = false;
+	foreach($allow as $scheme){
+		$schemeNow = substr($url,0,strlen($scheme) + 3);
+		if($schemeNow === $scheme."://"){$hasAllow = true;}
 	}
+	if(!$hasAllow) return false;
+	if(!$info['scheme'] || !$info['host'] || !in_array($info['scheme'],$allow)) return false;
+	if(@file_exists($url) ) return false;
 	return true;
 }
 

diff --git a/config/version.php b/config/version.php
@@ -1,3 +1,3 @@
 <?php
-define('KOD_VERSION','4.48');
-define('KOD_VERSION_BUILD','02');//time(),20220516
+define('KOD_VERSION','4.49');
+define('KOD_VERSION_BUILD','01');//time(),20220825
diff --git a/plugins/toolsCommon/static/pie/.pie.tif b/plugins/toolsCommon/static/pie/.pie.tif
diff --git a/static/js/app/src/api/default/main.js b/static/js/app/src/api/default/main.js
diff --git a/static/js/app/src/api/view/main.js b/static/js/app/src/api/view/main.js
diff --git a/static/js/app/src/app/main.js b/static/js/app/src/app/main.js
diff --git a/static/js/app/src/desktop/main.js b/static/js/app/src/desktop/main.js
diff --git a/static/js/app/src/edit/main.js b/static/js/app/src/edit/main.js
diff --git a/static/js/app/src/editor/main.js b/static/js/app/src/editor/main.js
diff --git a/static/js/app/src/explorer/main.js b/static/js/app/src/explorer/main.js
diff --git a/static/js/app/src/explorerWap/main.js b/static/js/app/src/explorerWap/main.js
diff --git a/static/js/app/src/plugins/main.js b/static/js/app/src/plugins/main.js
diff --git a/static/js/app/src/setting/main.js b/static/js/app/src/setting/main.js
diff --git a/static/js/app/src/shareEditor/main.js b/static/js/app/src/shareEditor/main.js
diff --git a/static/js/app/src/shareExplorer/main.js b/static/js/app/src/shareExplorer/main.js
diff --git a/static/js/app/src/shareIndex/main.js b/static/js/app/src/shareIndex/main.js
diff --git a/static/js/app/src/user/main.js b/static/js/app/src/user/main.js
diff --git a/static/style/skin/base/app_code_edit.css b/static/style/skin/base/app_code_edit.css
diff --git a/static/style/skin/base/app_desktop.css b/static/style/skin/base/app_desktop.css
diff --git a/static/style/skin/base/app_editor.css b/static/style/skin/base/app_editor.css
diff --git a/static/style/skin/base/app_explorer.css b/static/style/skin/base/app_explorer.css
diff --git a/static/style/skin/base/app_setting.css b/static/style/skin/base/app_setting.css