forked from svrjs/svrjs

Fix access control bypass vulnerability for non-proxy SVR.JS mods

Dorian Niemiec 2023-09-07 18:00:58 +02:00
parent 2c93e0fc24
commit 2d733b70bf
3 changed files with 15 additions and 5 deletions


@ -3,7 +3,7 @@
"port": 80, "port": 80,
"pubport": 80, "pubport": 80,
"page404": "404.html", "page404": "404.html",
"timestamp": 1694024561052, "timestamp": 1694099048015,
"blacklist": [], "blacklist": [],
"nonStandardCodes": [], "nonStandardCodes": [],
"enableCompression": true, "enableCompression": true,
@ -102,4 +102,4 @@
"errorPages": [], "errorPages": [],
"useWebRootServerSideScript": true, "useWebRootServerSideScript": true,
"exposeModsInErrorPages": true "exposeModsInErrorPages": true
} }

14
svr.js

@ -3274,9 +3274,19 @@ if (!cluster.isPrimary) {
function modExecute(mods, ffinals) { function modExecute(mods, ffinals) {
// Prepare modFunction // Prepare modFunction
var modFunction = ffinals; var modFunction = ffinals;
for (var i = mods.length - 1; i >= 0; i--) { var useMods = mods;
modFunction = mods[i].callback(req, res, serverconsole, responseEnd, href, ext, uobject, search, "index.html", users, page404, head, foot, fd, modFunction, configJSON, callServerError, getCustomHeaders, origHref, redirect, parsePostData);
if(isProxy) {
// Get list of forward proxy mods
useMods = [];
mods.forEach(function (mod) {
if (mod.proxyCallback !== undefined) useMods.push(mod);
});
} }
useMods.reverse().forEach(function (modO) {
modFunction = modO.callback(req, res, serverconsole, responseEnd, href, ext, uobject, search, "index.html", users, page404, head, foot, fd, modFunction, configJSON, callServerError, getCustomHeaders, origHref, redirect, parsePostData);
});
// Execute modfunction // Execute modfunction
modFunction(); modFunction();
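Review bot: `useMods.reverse()` reverses the array in place, and in the non-proxy path `useMods` is the very array passed in as `mods`, so every call to modExecute flips the caller's list. If that list is shared across requests (the caller is outside this hunk, so this is an inference), the order in which mod callbacks are chained would alternate from one request to the next, which is undesirable in a change meant to make access-control mods run reliably. Reversing a copy keeps the previous back-to-front chaining without the side effect: `useMods.slice().reverse().forEach(function (modO) {`. A short comment on the `isProxy` branch explaining why only mods that define `proxyCallback` are kept, while `modO.callback` is what gets invoked, would also help the next reader. modExecute's body continues past the end of the hunk.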


@ -1 +1 @@
56 0