Fix export vulnerability, found by GitHub user @oomb and disclosed vi…

…a the excellent huntr.dev platform.
firefly-iii · Jun 3, 2021 · 5303321 · 5303321
1 parent 906fca7
commit 5303321
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/resources/views/v1/export/index.twig b/resources/views/v1/export/index.twig
@@ -15,9 +15,10 @@
                     <p>
                         {{ 'export_data_expl'|_ }}
                     </p>
-                    <ul>
-                        <li><i class="fa fa-fw fa-download"></i> <a href="{{ route('export.export') }}" title="{{ 'export_data_all_transactions'|_ }}">{{ 'export_data_all_transactions'|_ }}</a></li>
-                    </ul>
+                    <form action="{{ route('export.export') }}" method="post">
+                        <input type="hidden" name="_token" value="{{ csrf_token() }}"/>
+                        <button type="submit"><i class="fa fa-fw fa-download"></i> {{ 'export_data_all_transactions'|_ }}</button>
+                    </form>
                     <p>
                         {{ 'export_data_advanced_expl'|_ }}
                     </p>

diff --git a/routes/web.php b/routes/web.php
@@ -538,7 +538,7 @@ static function () {
 
     // index
         Route::get('', ['uses' => 'Export\IndexController@index', 'as' => 'index']);
-        Route::get('export', ['uses' => 'Export\IndexController@export', 'as' => 'export']);
+        Route::post('export', ['uses' => 'Export\IndexController@export', 'as' => 'export']);
     }
 );
 /**