

fix CSRF, try fix %20
root committed Oct 6, 2021
1 parent 76249ed commit 9205015
Showing 9 changed files with 135 additions and 51 deletions.
138 changes: 101 additions & 37 deletions common.php


2 changes: 1 addition & 1 deletion index.php
Expand Up @@ -108,7 +108,7 @@ function handler($event, $context)

$re = main($path);

return new RingCentral\Psr7\Response($re['statusCode'], $re['headers'], $re['body']);
return new RingCentral\Psr7\Response($re['statusCode'], $re['headers'], $re['isBase64Encoded']?base64_decode($re['body']):$re['body']);

} elseif ($_SERVER['_APP_SHARE_DIR']=='/var/share/CFF/processrouter') {
// Huawei FG
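Review bot: `$re['isBase64Encoded']` on the new return line is read unconditionally, so any `main()` result that omits the key emits an undefined-index notice (a warning on PHP 8) on every plain-body response; `!empty($re['isBase64Encoded']) ? base64_decode($re['body']) : $re['body']` keeps that path quiet. Whether `main()` always sets the key cannot be seen from this hunk, and `base64_decode()` without its strict flag silently drops invalid characters, which is presumably acceptable for bodies the application produced itself. handler() starts and ends outside the hunk.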
14 changes: 11 additions & 3 deletions platform/AliyunFC.php
Expand Up @@ -37,13 +37,20 @@ function GetPathSetting($event, $context)
$_SERVER['region'] = $context['region'];
$_SERVER['service_name'] = $context['service']['name'];
$_SERVER['function_name'] = $context['function']['name'];
$path = urldecode($event['path']);
//$path = str_replace('%5D', ']', str_replace('%5B', '[', $event['path']));//%5B
//$path = $event['path'];
$path = $event['requestURI'];
if (strpos($path, '?')) $path = substr($path, 0, strpos($path, '?'));
$tmp = urldecode($event['requestURI']);
if (strpos($tmp, '?')) $tmp = substr($tmp, 0, strpos($tmp, '?'));
if ($path=='/'||$path=='') {
$_SERVER['base_path'] = $tmp;
} else {
$_SERVER['base_path'] = substr($tmp, 0, strlen($tmp)-strlen($path)+1);
while ($tmp!=urldecode($tmp)) $tmp = urldecode($tmp);
$tmp1 = urldecode($event['path']);
while ($tmp1!=urldecode($tmp1)) $tmp1 = urldecode($tmp1);
$_SERVER['base_path'] = substr($tmp, 0, strlen($tmp)-strlen($tmp1)+1);
//$_SERVER['base_path'] = substr($tmp, 0, strlen(urldecode($event['path'])));
}
$_SERVER['base_path'] = spurlencode($_SERVER['base_path'], '/');

Expand All @@ -63,7 +70,8 @@ function GetPathSetting($event, $context)
$_SERVER['referhost'] = explode('/', $event['headers']['Referer'][0])[2];
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['If-Modified-Since'][0];
$_SERVER['FC_SERVER_PATH'] = '/var/fc/runtime/php7.2';
return spurlencode($path, '/');
return $path;
//return spurlencode($path, '/');
}

function getConfig($str, $disktag = '')
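Review bot: The decode-until-stable loops on `$tmp` and `$tmp1` in the first hunk make `base_path` depend on how many times a client-supplied URI happens to decode, so a segment containing a literal `%25` or `%2F` is sliced differently from the same name sent once-encoded, while the `$path=='/'` branch still uses the once-decoded `$tmp`, so the two branches derive `base_path` under different rules. The second hunk now returns the raw `requestURI` but `base_path` is re-encoded through `spurlencode`, so the caller receives two differently-encoded strings for the same request; if the gateway encodes the URI exactly once (presumably, but not visible here), a single `urldecode()` with a comment such as `// requestURI arrives percent-encoded once; decode once, never loop` states the contract and removes the ambiguity. The `if (strpos($path, '?'))` truthiness test also ignores a `?` at offset 0; `!== false` is the safe form. GetPathSetting starts before the first hunk and the lines between the two hunks are not shown.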
1 change: 1 addition & 0 deletions platform/BaiduCFC.php
Expand Up @@ -50,6 +50,7 @@ function GetPathSetting($event, $context)
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['Referer'])[2];
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['If-Modified-Since'];
$_SERVER['BCE_CFC_RUNTIME_NAME'] = 'php7';
return $path;
}
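Review bot: The new `$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['If-Modified-Since'];` reads the header unconditionally, so every request without it (the common case) raises an undefined-index notice; `$event['headers']['If-Modified-Since'] ?? null` is supported by the php7 runtime named two lines below. The same applies to the matching line added in platform/HuaweiFG_env.php, platform/HuaweiFG_file.php, platform/TencentSCF_env.php and platform/TencentSCF_file.php. The key is capitalised here but lowercase in the Huawei and Tencent files, which follows each file's existing `Referer`/`referer` lookup and presumably reflects each gateway's header normalisation — worth confirming rather than assuming, since a case mismatch silently yields no value. GetPathSetting starts before the hunk.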
1 change: 1 addition & 0 deletions platform/HuaweiFG_env.php
Expand Up @@ -71,6 +71,7 @@ function GetPathSetting($event, $context)
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['if-modified-since'];
$_SERVER['_APP_SHARE_DIR'] = '/var/share/CFF/processrouter';
return $path;
}
1 change: 1 addition & 0 deletions platform/HuaweiFG_file.php
Expand Up @@ -71,6 +71,7 @@ function GetPathSetting($event, $context)
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['if-modified-since'];
$_SERVER['_APP_SHARE_DIR'] = '/var/share/CFF/processrouter';
return $path;
}
3 changes: 2 additions & 1 deletion platform/TencentSCF_env.php
Expand Up @@ -56,7 +56,8 @@ function GetPathSetting($event, $context)
//$_SERVER['REQUEST_SCHEME'] = $event['headers']['x-forwarded-proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE']==$event['headers']['translate'];//'f'
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['if-modified-since'];
$_SERVER['USER'] = 'qcloud';
return $path;
}
3 changes: 2 additions & 1 deletion platform/TencentSCF_file.php
Expand Up @@ -56,7 +56,8 @@ function GetPathSetting($event, $context)
//$_SERVER['REQUEST_SCHEME'] = $event['headers']['x-forwarded-proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE']==$event['headers']['translate'];//'f'
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['HTTP_IF_MODIFIED_SINCE'] = $event['headers']['if-modified-since'];
$_SERVER['USER'] = 'qcloud';
return $path;
}
23 changes: 15 additions & 8 deletions theme/classic.html
Expand Up @@ -94,12 +94,12 @@
</ul></li>
<!--AdminEnd-->
&nbsp;
<select class="changelanguage" name="language" onchange="changelanguage(this.options[this.options.selectedIndex].value)">
<!--<select class="changelanguage" name="language" onchange="changelanguage(this.options[this.options.selectedIndex].value)">
<option value="">Language</option>
<!--SelectLanguageStart-->
<option value="<!--SelectLanguageKey-->" <!--SelectLanguageSelected-->><!--SelectLanguageValue--></option>
<!--SelectLanguageEnd-->
</select>
</select>-->
</div>
<!--NeedUpdateStart-->
<div style='position:absolute;'><font color='red'><!--constStr@NeedUpdate--></font></div>
Expand Down Expand Up @@ -202,13 +202,20 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
<div id="txt">
<!--AdminStart-->
<form id="txt-form" action="" method="POST">
<input name="_admin" type="hidden" value="">
<a onclick="document.getElementById('txt-a').readOnly='';document.getElementById('txt-save').style.display='';document.getElementById('txt-editbutton').style.display='none';document.getElementById('txt-cancelbutton').style.display='';" id="txt-editbutton"><ion-icon name="create"></ion-icon><!--constStr@ClicktoEdit--></a>
<a onclick="document.getElementById('txt-a').readOnly='readonly';document.getElementById('txt-save').style.display='none';document.getElementById('txt-editbutton').style.display='';document.getElementById('txt-cancelbutton').style.display='none';" id="txt-cancelbutton" style="display:none"><ion-icon name="close"></ion-icon><!--constStr@CancelEdit--></a>&nbsp;&nbsp;&nbsp;
<a id="txt-save" style="display:none"><ion-icon name="save"></ion-icon><!--constStr@Save--></a>
<!--AdminEnd-->
<textarea id="txt-a" name="editfile" readonly style="width: 100%; margin-top: 2px;" <!--AdminStart-->onchange="document.getElementById('txt-save').onclick=function(){document.getElementById('txt-form').submit();}"<!--AdminEnd--> ><!--TxtContent--></textarea>
<!--AdminStart-->
</form>
<script>
var inputAdminStorage = document.getElementsByName("_admin");
for (i=0;i<inputAdminStorage.length;i++) {
inputAdminStorage[i].value = localStorage.getItem("admin");
}
</script>
<!--AdminEnd-->
</div>
<!--IstxtFileEnd-->
Expand Down Expand Up @@ -988,7 +995,7 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
delete uploading[upbigfilename];
}
}
xhr1.send('upbigfilename='+ upbigfilename +'&filesize='+ file.size +'&filelastModified='+ file.lastModified +'&filemd5='+ filemd5);
xhr1.send('upbigfilename='+ upbigfilename +'&filesize='+ file.size +'&filelastModified='+ file.lastModified +'&filemd5='+ filemd5 + '&_admin=' + localStorage.getItem("admin"));
<!--GuestStart-->
}
}
Expand Down Expand Up @@ -1239,7 +1246,7 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
getuplink(i);
}*/
}
xhr1.send('upbigfilename='+ upbigfilename +'&filesize='+ file.size +'&filelastModified='+ file.lastModified + '&filesha1=' + filesha1 + '&chunksize=' + chunksize);
xhr1.send('upbigfilename='+ upbigfilename +'&filesize='+ file.size +'&filelastModified='+ file.lastModified + '&filesha1=' + filesha1 + '&chunksize=' + chunksize + '&_admin=' + localStorage.getItem("admin"));
}
}
}
Expand Down Expand Up @@ -1325,7 +1332,7 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
}
delete uploading[filename];
}
xhr1.send('uploadid=' + uploadid + '&fileid=' + fileid + '&etag=' + JSON.stringify(res['ETag']));
xhr1.send('uploadid=' + uploadid + '&fileid=' + fileid + '&etag=' + JSON.stringify(res['ETag']) + '&_admin=' + localStorage.getItem("admin"));
} else {
var binary = this.result;
var xhr = new XMLHttpRequest();
Expand Down Expand Up @@ -1396,7 +1403,7 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
}
delete uploading[filename];
}
xhr1.send('uploadid=' + uploadid + '&fileid=' + fileid + '&etag=' + JSON.stringify(res['ETag']));
xhr1.send('uploadid=' + uploadid + '&fileid=' + fileid + '&etag=' + JSON.stringify(res['ETag']) + '&_admin=' + localStorage.getItem("admin"));
// uploadbuttonshow();
} else {
readblob(asize);
Expand Down Expand Up @@ -1439,7 +1446,7 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
var expd = new Date();
expd.setTime(expd.getTime()+1000);
var expires = "expires="+expd.toGMTString();
document.cookie = "admin=; path=/; "+expires;
document.cookie = "admin=; path=<!--base_path-->; "+expires;
location.href = location.href;
}
/*for some mobile browser*/
Expand Down Expand Up @@ -1533,7 +1540,7 @@ <h3 class="table-header"><a href="<!--base_path-->"><!--constStr@Home--></a><!--
document.getElementById(str+'_div').style.display='none';
document.getElementById('mask').style.display='none';
}
xhr.send(serializeForm(str+'_form'));
xhr.send(serializeForm(str+'_form') + '&_admin=' + localStorage.getItem("admin"));
return false;
}
function addelement(html) {
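Review bot: The `_admin` value appended to each `xhr1.send(...)` body in the upload and `serializeForm` hunks is concatenated raw into a form-encoded string, so a token containing `&`, `+` or `%` is mangled on the server side and an unset item is sent as the literal string `null`; `'&_admin=' + encodeURIComponent(localStorage.getItem("admin") || '')` keeps the body well-formed in all of them. The new `<script>` that fills the hidden `_admin` inputs declares `i` implicitly, creating a global; `for (var i = 0; i < inputAdminStorage.length; i++)` matches the file's existing style. In the logout hunk only the `admin` cookie is expired; if the localStorage `admin` item mirrors that cookie, `localStorage.removeItem("admin");` belongs beside it so a logged-out browser stops carrying the token into later requests. Whether the server actually compares `_admin` against the cookie is outside this file.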
