Skip to content
Permalink
Browse files

Patched vulnerability in auth_request

  • Loading branch information
bergware committed Jan 8, 2020
1 parent 61908b4 commit 9f2f6fb308aa97a8715ce9835392d75f54445873
Showing with 7 additions and 9 deletions.
  1. +7 −9 auth_request.php
@@ -39,14 +39,12 @@
'/webGui/images/case-model.png',
'/webGui/images/green-on.png'
];
foreach ($arrWhitelist as $strWhitelist) {
if (strpos($_SERVER['REQUEST_URI'], $strWhitelist) === 0) {
http_response_code(200);
exit;
}
if (in_array($_SERVER['REQUEST_URI'],$arrWhitelist)) {
// authorized
http_response_code(200);
} else {
// non-authorized
//error_log(print_r($_SERVER, true));
http_response_code(401);
}

// non-authorized
//error_log(print_r($_SERVER, true));
http_response_code(401);
exit;

0 comments on commit 9f2f6fb

Please sign in to comment.
You can’t perform that action at this time.