jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix crash when req.query handling

Browse Source 
https://expressjs.com/en/5x/api.html#req.query

"As req.query’s shape is based on user-controlled input, all properties and values in this object
are untrusted and should be validated before trusting"

In essence, req.query.xx can be an array OR an array of strings.
This commit is contained in:
Girish Ramakrishnan
2025-07-13 13:14:32 +02:00
parent dc7f5e3dbc
commit 04de621e37
14 changed files with 66 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/proxyauth.js
View File

@@ -134,7 +134,7 @@ async function login(req, res, next) {
const dashboardFqdn = (await dashboard.getLocation()).fqdn;
if (req.query.redirect) {
if (typeof req.query.redirect === 'string') {
res.cookie('cloudronProxyAuthRedirect', req.query.redirect, {
httpOnly: true,
maxAge: constants.DEFAULT_TOKEN_EXPIRATION_MSECS,
@@ -146,7 +146,7 @@ async function login(req, res, next) {
}
async function callback(req, res, next) {
if (!req.query.code) return next(new HttpError(400, 'missing query argument "code"'));
if (typeof req.query.code !== 'string') return next(new HttpError(400, 'missing query argument "code"'));
debug(`callback: with code ${req.query.code}`);