indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Reject php requests

main
Bob Mottram 2024-07-28 15:51:24 +01:00
parent 4a50de31bf
commit 5c64462a5e
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
daemon_get.py
View File

@ -269,6 +269,12 @@ def daemon_http_get(self) -> None:
http_403(self) http_403(self)
return return
# php
if 'index.php' in self.path:
print('GET HTTP Attempt to access PHP file ' + self.path)
http_404(self)
return
if contains_invalid_chars(str(self.headers)): if contains_invalid_chars(str(self.headers)):
print('GET HTTP headers contain invalid characters ' + print('GET HTTP headers contain invalid characters ' +
str(self.headers)) str(self.headers))

6
daemon_post.py
View File

@ -106,6 +106,12 @@ def daemon_http_post(self) -> None:
http_403(self) http_403(self)
return return
# php
if 'index.php' in self.path:
print('POST HTTP Attempt to access PHP file ' + self.path)
http_404(self)
return
calling_domain = self.server.domain_full calling_domain = self.server.domain_full
if self.headers.get('Host'): if self.headers.get('Host'):
calling_domain = decoded_host(self.headers['Host']) calling_domain = decoded_host(self.headers['Host'])