Skip to content
Permalink
Browse files
Preventing uploads from other origin
Credits to:  Fady Othman, Security Consultant # ZINAD IT
  • Loading branch information
myvesta committed Mar 14, 2021
1 parent fdc6e19 commit 3402071e950e76b79fa8672a1e09b70d3860f355
Showing 1 changed file with 7 additions and 0 deletions.
@@ -2,6 +2,13 @@

//session_start();

$hostname = exec('hostname');
$port = $_SERVER['SERVER_PORT'];
$expected_http_origin="https://".$hostname.":".$port;
if ($_SERVER['HTTP_ORIGIN'] != $expected_http_origin) {
die ("Nope.");
}

include($_SERVER['DOCUMENT_ROOT']."/inc/main.php");

// Check login_as feature

0 comments on commit 3402071

Please sign in to comment.