github
/
1Panel
mirror of https://github.com/1Panel-dev/1Panel
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: 解决命令注入waf被绕过的问题 (#4268)

Browse Source
pull/4273/head
an4er 8 months ago committed by GitHub
parent 062b2f2ae6
commit 1ff5bf85e9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
backend/utils/cmd/cmd.go
Unescape View File

@ -178,7 +178,7 @@ func CheckIllegal(args ...string) bool {
if strings.Contains(arg, "&") || strings.Contains(arg, "|") || strings.Contains(arg, ";") || if strings.Contains(arg, "&") || strings.Contains(arg, "|") || strings.Contains(arg, ";") ||
strings.Contains(arg, "$") || strings.Contains(arg, "'") || strings.Contains(arg, "`") || strings.Contains(arg, "$") || strings.Contains(arg, "'") || strings.Contains(arg, "`") ||
strings.Contains(arg, "(") || strings.Contains(arg, ")") || strings.Contains(arg, "\"") || strings.Contains(arg, "(") || strings.Contains(arg, ")") || strings.Contains(arg, "\"") ||
strings.Contains(arg, "\n") || strings.Contains(arg, "\r") { strings.Contains(arg, "\n") || strings.Contains(arg, "\r") || strings.Contains(arg, ">") {
return true return true
} }
} }

Write Preview
Loading…
Cancel
Save