TyleoDvDelaware3217/Kuma
1
0
Fork 0
mirror of https://github.com/louislam/uptime-kuma.git synced 2025-05-24 07:42:35 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Add check to prevent user-provided dbConfig.caFilePath.

Browse source
This commit is contained in:
Gabriel Ngandu-Biseba 2024-12-06 13:50:28 +01:00
parent 9151d99188
commit aeffe6d5ad
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
server/setup-database.js
View file

@ -207,6 +207,11 @@ class SetupDatabase {
return; return;
} }
// Prevent someone from injecting a CA file path not generated by the code below
if (dbConfig.caFilePath) {
dbConfig.caFilePath = undefined;
}
if (dbConfig.caFile) { if (dbConfig.caFile) {
const base64Data = dbConfig.caFile.replace(/^data:application\/octet-stream;base64,/, ""); const base64Data = dbConfig.caFile.replace(/^data:application\/octet-stream;base64,/, "");
console.log(dbConfig); console.log(dbConfig);