From f1919184998bf9fa7a7db882c98ce1410375e596 Mon Sep 17 00:00:00 2001 From: Artur Heinze Date: Thu, 9 Sep 2021 18:12:46 +0200 Subject: [PATCH] clean route --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.php b/index.php index ee357e1de..c5daa374f 100644 --- a/index.php +++ b/index.php @@ -23,7 +23,7 @@ # admin route if (COCKPIT_ADMIN && !defined('COCKPIT_ADMIN_ROUTE')) { - $route = preg_replace('#'.preg_quote(COCKPIT_BASE_URL, '#').'#', '', parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), 1); + $route = str_replace('../', '', preg_replace('#'.preg_quote(COCKPIT_BASE_URL, '#').'#', '', parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), 1)); define('COCKPIT_ADMIN_ROUTE', $route == '' ? '/' : $route); }