devol
/
bitwarden-estensione-browser
mirror of https://github.com/bitwarden/browser
1
0
Fork 0
Code Issues 1 Releases Wiki Activity

validate path for directory traversal (#540) 

* validate path for directory traversal

* use previously constructed requestUrl
This commit is contained in:
Kyle Spearrin 2021-11-10 15:13:13 -05:00 committed by GitHub
parent 1b4a5508bd
commit b99103d3f7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
common/src/services/api.service.ts
View File

@ -1609,6 +1609,13 @@ export class ApiService implements ApiServiceAbstraction {
authed: boolean, hasResponse: boolean, apiUrl?: string,
alterHeaders?: (headers: Headers) => void): Promise<any> {
apiUrl = Utils.isNullOrWhitespace(apiUrl) ? this.environmentService.getApiUrl() : apiUrl;
const requestUrl = apiUrl + path;
// Prevent directory traversal from malicious paths
if (new URL(requestUrl).href !== requestUrl) {
return Promise.reject('Invalid request url path.');
}
const headers = new Headers({
'Device-Type': this.deviceType,
});
@ -1647,7 +1654,7 @@ export class ApiService implements ApiServiceAbstraction {
}
requestInit.headers = headers;
const response = await this.fetch(new Request(apiUrl + path, requestInit));
const response = await this.fetch(new Request(requestUrl, requestInit));
if (hasResponse && response.status === 200) {
const responseJson = await response.json();