Fixed LFI in custom report csv download

pimcore · Feb 5, 2021 · 1786bdd · 1786bdd
1 parent 3224684
commit 1786bdd
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/bundles/AdminBundle/Controller/Reports/CustomReportController.php b/bundles/AdminBundle/Controller/Reports/CustomReportController.php
@@ -433,7 +433,7 @@ public function createCsvAction(Request $request)
         $progress = $progress > 1 ? 1 : $progress;
 
         return new JsonResponse([
-            'exportFile' => $exportFile,
+            'exportFile' => basename($exportFile),
             'offset' => $offset,
             'progress' => $progress,
             'finished' => empty($result['data']) || count($result['data']) < $limit,
@@ -451,6 +451,7 @@ public function downloadCsvAction(Request $request)
     {
         $this->checkPermission('reports');
         if ($exportFile = $request->get('exportFile')) {
+            $exportFile = PIMCORE_SYSTEM_TEMP_DIRECTORY . '/' . basename($exportFile);
             $response = new BinaryFileResponse($exportFile);
             $response->headers->set('Content-Type', 'text/csv; charset=UTF-8');
             $response->setContentDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, 'export.csv');