indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

More bad endings

main
bashrc 2026-04-21 10:19:54 +01:00
parent b66ecea6e0
commit efca7f7b5c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
utils.py
View File

@ -4126,7 +4126,7 @@ def check_bad_path(path: str):
'/sftp.', '/sftp-', '/statistics', '/sftp.', '/sftp-', '/statistics',
'/config/', 'settings.', 'credentials', '/config/', 'settings.', 'credentials',
'/packs/', '/backend/', '/apis/', '/packs/', '/backend/', '/apis/',
'/laravel/', '/js/') '/laravel/', '/js/', '/root/')
# allow /.well-known/... # allow /.well-known/...
if '/.' in path_lower: if '/.' in path_lower:
@ -4139,7 +4139,7 @@ def check_bad_path(path: str):
bad_endings = ( bad_endings = (
'.js', '.ts', '.py', '.php', '.bak', '.env', '.local', '.yml', '.js', '.ts', '.py', '.php', '.bak', '.env', '.local', '.yml',
'.rs', '.ru' '.rs', '.ru', '.old', '.backup', '~', '.ini'
) )
if string_ends_with(path_lower, bad_endings): if string_ends_with(path_lower, bad_endings):
return True return True