ISPConfig3 devel
parent: 10b47c | patch | commitdiff
ftimme
2013-01-16 08cc7f673c377bf88897743e340097e93f1e95f4
refs
author ftimme <ft@falkotimme.com>
Wednesday, January 16, 2013 09:30 -0500
committer ftimme <ft@falkotimme.com>
Wednesday, January 16, 2013 09:30 -0500
commit08cc7f673c377bf88897743e340097e93f1e95f4
tree b049fa16e610f23198b99d96b9fd49d8019b06bd tree | zip | gz
parent 10b47ccebdb3c25faba6d1075a08c2b9fb63f827 view | diff 
- Changed regex for redirect path (Web sites, subdomains, vhost subdomains, alias domains) and web folder (vhost subdomains) so that ".." is not allowed (in order to prevent path traversals).
- nginx: don't allow folders for proxy redirects (subdomains and alias domains); URL is required.
- nginx: modified rewriting.
13 files modified
191 ■■■■■ changed files
interface/web/sites/form/web_aliasdomain.tform.php 2 ●●● diff | view | raw | blame | history
interface/web/sites/form/web_domain.tform.php 2 ●●● diff | view | raw | blame | history
interface/web/sites/form/web_subdomain.tform.php 2 ●●● diff | view | raw | blame | history
interface/web/sites/form/web_vhost_subdomain.tform.php 4 ●●●● diff | view | raw | blame | history
interface/web/sites/lib/lang/de.lng 1 ●●●● diff | view | raw | blame | history
interface/web/sites/lib/lang/de_web_subdomain.lng 1 ●●●● diff | view | raw | blame | history
interface/web/sites/lib/lang/en.lng 1 ●●●● diff | view | raw | blame | history
interface/web/sites/lib/lang/en_web_subdomain.lng 1 ●●●● diff | view | raw | blame | history
interface/web/sites/web_aliasdomain_edit.php 5 ●●●●● diff | view | raw | blame | history
interface/web/sites/web_domain_edit.php 5 ●●●●● diff | view | raw | blame | history
interface/web/sites/web_subdomain_edit.php 5 ●●●●● diff | view | raw | blame | history
server/conf/nginx_vhost.conf.master 11 ●●●● diff | view | raw | blame | history
server/plugins-available/nginx_plugin.inc.php 151 ●●●● diff | view | raw | blame | history