mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-20 13:21:54 +02:00
Code Issues Releases Wiki Activity

Issue GHSA-92fr-7h4f-22pp

Browse Source
This commit is contained in:
camer0n
2023-08-22 13:28:10 -07:00
parent abf94d0310
commit 9aa8de4f7d
3 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
e107_tests/tests/unit/e_fileTest.php
View File

@@ -157,9 +157,14 @@ class e_fileTest extends \Codeception\Test\Unit
array('path'=> e_SYSTEM."filetypes.xml", 'expected' => true), // permitted
array('path'=> e_PLUGIN."gallery/images/butterfly.jpg", 'expected' => true), // permitted
array('path'=> 'http://127.0.0.1:8070/file.svg', 'expected'=>false), // not permitted
array('path'=> 'http://127.0.0.1:8070/butterfly.jpg', 'expected'=>true), // permitted
array('path'=> 'http://127.0.0.1:8070/butterfly.jpg', 'expected'=>false), // not permitted
array('path'=> 'http://localhost:8070/file.svg', 'expected'=>false), // not permitted
array('path'=> 'http://localhost:8070/butterfly.jpg', 'expected'=>false), // not permitted
array('path'=> 'http://domain.com:8070/file.svg', 'expected'=>false), // suspicious
array('path'=> 'http://domain.com:8070/butterfly.jpg', 'expected'=>true), // permitted
array('path'=> 'http://127.0.0.1/bla.php', 'expected'=>false), // suspicious
array('path'=> 'http://127.0.0.1/bla.php?butterfly.jpg', 'expected'=>false), // suspicious
);
foreach($isAllowedTest as $file)