Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixes U4-7457 Server side request forgery (xsrf) in feedproxy.aspx
  • Loading branch information
Shazwazza committed Nov 25, 2015
1 parent a02b41e commit 924a016
Showing 1 changed file with 3 additions and 1 deletion.
Expand Up @@ -27,7 +27,9 @@ protected void Page_Load(object sender, EventArgs e)
if (Uri.TryCreate(url, UriKind.Absolute, out requestUri))
{
var feedProxyXml = xmlHelper.OpenAsXmlDocument(IOHelper.MapPath(SystemFiles.FeedProxyConfig));
if (feedProxyXml != null && feedProxyXml.SelectSingleNode(string.Concat("//allow[@host = '", requestUri.Host, "']")) != null)
if (feedProxyXml != null
&& feedProxyXml.SelectSingleNode(string.Concat("//allow[@host = '", requestUri.Host, "']")) != null
&& requestUri.Port == 80)
{
using (var client = new WebClient())
{
Expand Down

0 comments on commit 924a016

Please sign in to comment.