github
/
nginxconfig.io
mirror of https://github.com/digitalocean/nginxconfig.io
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

122672: Убрали обработку скриптов в полях пользовательского ввода

pull/341/head
Владислав Филатов 2022-04-08 16:23:32 +04:00
parent c9ee8455e0
commit 5f6876321d
8 changed files with 59 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/nginxconfig/generators/conf/security.conf.js
View File

@ -56,10 +56,9 @@ export default (domains, global) => {
config.push(['location /security.txt', { config.push(['location /security.txt', {
return: '301 /.well-known/security.txt', return: '301 /.well-known/security.txt',
}]); }]);
// Custom security.txt path // Custom security.txt path
config.push(['location = /.well-known/security.txt', { config.push(['location = /.well-known/security.txt', {
alias: `${global.security.securityTxtPath.value}`, alias: `${global.security.securityTxtPath.computed}`,
}]); }]);
} }

5
src/nginxconfig/templates/domain_sections/restrict.vue
View File

@ -279,6 +279,11 @@ THE SOFTWARE.
watch: { watch: {
'$props.data.responseCode': { '$props.data.responseCode': {
handler(data) { handler(data) {
if( typeof data.computed === 'string' ) {
data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replaceAll(/>/g, '&gt;');
}
if (data.computed && /^[1-5][0-9][0-9]$/.test(data.computed)) { if (data.computed && /^[1-5][0-9][0-9]$/.test(data.computed)) {
this.validResponseCode = true; this.validResponseCode = true;
} else { } else {

3
src/nginxconfig/templates/domain_sections/reverse_proxy.vue
View File

@ -137,6 +137,9 @@ THE SOFTWARE.
// If the PHP or Python is enabled, the Reverse proxy will be forced off // If the PHP or Python is enabled, the Reverse proxy will be forced off
'$parent.$props.data': { '$parent.$props.data': {
handler(data) { handler(data) {
data.reverseProxy.path.computed = data.reverseProxy.path.computed.replaceAll(/</g, '&lt;');
data.reverseProxy.proxyPass.computed = data.reverseProxy.proxyPass.computed.replaceAll(/>/g, '&gt;');
// This might cause recursion, but seems not to // This might cause recursion, but seems not to
if (data.php.php.computed || data.python.python.computed) { if (data.php.php.computed || data.python.python.computed) {
this.$props.data.reverseProxy.enabled = false; this.$props.data.reverseProxy.enabled = false;

20
src/nginxconfig/templates/domain_sections/server.vue
View File

@ -208,8 +208,8 @@ THE SOFTWARE.
watch: { watch: {
'$props.data.domain': { '$props.data.domain': {
handler(data) { handler(data) {
data.computed = data.computed.replace(/</, '&lt;'); data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replace(/>/, '&gt;'); data.computed = data.computed.replaceAll(/>/g, '&gt;');
// Ignore www. if given, enable WWW subdomain // Ignore www. if given, enable WWW subdomain
if (data.computed.startsWith('www.')) { if (data.computed.startsWith('www.')) {
@ -246,8 +246,8 @@ THE SOFTWARE.
// Ensure there is a default path // Ensure there is a default path
'$props.data.path': { '$props.data.path': {
handler(data) { handler(data) {
data.computed = data.computed.replace(/</, '&lt;'); data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replace(/>/, '&gt;'); data.computed = data.computed.replaceAll(/>/g, '&gt;');
if (!data.computed.trim()) { if (!data.computed.trim()) {
data.computed = `/var/www/${this.$props.data.domain.computed}`; data.computed = `/var/www/${this.$props.data.domain.computed}`;
@ -257,22 +257,22 @@ THE SOFTWARE.
}, },
'$props.data.documentRoot': { '$props.data.documentRoot': {
handler(data) { handler(data) {
data.computed = data.computed.replace(/</, '&lt;'); data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replace(/>/, '&gt;'); data.computed = data.computed.replaceAll(/>/g, '&gt;');
}, },
deep: true, deep: true,
}, },
'$props.data.listenIpv4': { '$props.data.listenIpv4': {
handler(data) { handler(data) {
data.computed = data.computed.replace(/</, '&lt;'); data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replace(/>/, '&gt;'); data.computed = data.computed.replaceAll(/>/g, '&gt;');
}, },
deep: true, deep: true,
}, },
'$props.data.listenIpv6': { '$props.data.listenIpv6': {
handler(data) { handler(data) {
data.computed = data.computed.replace(/</, '&lt;'); data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replace(/>/, '&gt;'); data.computed = data.computed.replaceAll(/>/g, '&gt;');
}, },
deep: true, deep: true,
}, },

4
src/nginxconfig/templates/global_sections/https.vue
View File

@ -374,8 +374,8 @@ THE SOFTWARE.
}, },
'$props.data.letsEncryptCertRoot': { '$props.data.letsEncryptCertRoot': {
handler(data) { handler(data) {
data.computed = data.computed.replace(/</, '&lt;'); data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replace(/>/, '&gt;'); data.computed = data.computed.replaceAll(/>/g, '&gt;');
}, },
deep: true, deep: true,
}, },

17
src/nginxconfig/templates/global_sections/nginx.vue
View File

@ -207,9 +207,26 @@ THE SOFTWARE.
}, },
computed: computedFromDefaults(defaults, 'nginx'), // Getters & setters for the delegated data computed: computedFromDefaults(defaults, 'nginx'), // Getters & setters for the delegated data
watch: { watch: {
'$props.data.user': {
handler(data) {
data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replaceAll(/>/g, '&gt;');
},
deep: true,
},
'$props.data.pid': {
handler(data) {
data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replaceAll(/>/g, '&gt;');
},
deep: true,
},
// Clean nginx directory of trailing slashes // Clean nginx directory of trailing slashes
'$props.data.nginxConfigDirectory': { '$props.data.nginxConfigDirectory': {
handler(data) { handler(data) {
// data.computed = data.computed.replaceAll(/</g, '&lt;');
// data.computed = data.computed.replaceAll(/>/g, '&gt;');
// This might cause recursion, but seems not to // This might cause recursion, but seems not to
if (data.enabled) if (data.enabled)
if (data.computed.endsWith('/')) if (data.computed.endsWith('/'))

7
src/nginxconfig/templates/global_sections/python.vue
View File

@ -96,6 +96,13 @@ THE SOFTWARE.
}, },
deep: true, deep: true,
}, },
'$props.data.pythonServer': {
handler(data) {
data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replaceAll(/>/g, '&gt;');
},
deep: true,
},
}, },
}; };
</script> </script>

14
src/nginxconfig/templates/global_sections/security.vue
View File

@ -205,6 +205,20 @@ THE SOFTWARE.
}, },
}, },
watch: { watch: {
'$props.data.securityTxtPath': {
handler(data) {
data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replaceAll(/>/g, '&gt;');
},
deep: true,
},
'$props.data.contentSecurityPolicy': {
handler(data) {
data.computed = data.computed.replaceAll(/</g, '&lt;');
data.computed = data.computed.replaceAll(/>/g, '&gt;');
},
deep: true,
},
// Check referrer policy selection is valid // Check referrer policy selection is valid
'$props.data.referrerPolicy': { '$props.data.referrerPolicy': {
handler(data) { handler(data) {