Sanitize email address in case of security issues (pi-hole#3254)

* Sanitize email address in case of security issues Signed-off-by: bash-c <aboultraman@gmail.com>
mschoettle · Apr 5, 2020 · 2de5362 · 2de5362
1 parent a2d2639
commit 2de5362
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
@@ -517,6 +517,13 @@ Options:
     fi
 
     if [[ -n "${args[2]}" ]]; then
+
+        # Sanitize email address in case of security issues
+        if [[ ! "${args[2]}" =~ ^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$  ]]; then
+            echo -e "  ${CROSS} Invalid email address"
+            exit 0
+        fi
+
         change_setting "ADMIN_EMAIL" "${args[2]}"
         echo -e "  ${TICK} Setting admin contact to ${args[2]}"
     else