From c3d14e1fa54c7dade7b1b7955575e2991396d7ef Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Mon, 14 Sep 2020 19:46:52 +0300
Subject: - fix multiple vulnerabilities in af_proxy_http - fix vulnerability
 in rewrite_relative_url() which prevented some URLs from being properly
 absolutized - fetch_file_contents: validate all URLs before requesting them -
 validate URLs: explicitly whitelist http and https scheme, forbid everything
 else - DiskCache/cached_url: only serve whitelisted content types (images,
 video) - simplify filename/URL handling code, remove and consolidate some
 less-used functions

---
 classes/diskcache.php | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'classes/diskcache.php')

diff --git a/classes/diskcache.php b/classes/diskcache.php
index 68829b8e3..74415189c 100644
--- a/classes/diskcache.php
+++ b/classes/diskcache.php
@@ -191,7 +191,7 @@ class DiskCache {
 	];
 
 	public function __construct($dir) {
-		$this->dir = CACHE_DIR . "/" . clean_filename($dir);
+		$this->dir = CACHE_DIR . "/" . basename(clean($dir));
 	}
 
 	public function getDir() {
@@ -227,9 +227,7 @@ class DiskCache {
 	}
 
 	public function getFullPath($filename) {
-		$filename = clean_filename($filename);
-
-		return $this->dir . "/" . $filename;
+		return $this->dir . "/" . basename(clean($filename));
 	}
 
 	public function put($filename, $data) {
-- 
cgit v1.2.3-54-g00ecf