summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
diff options
context:
space:
mode:
authorFrancis Lavoie <lavofr@gmail.com>2021-12-30 04:15:48 -0500
committerGitHub <noreply@github.com>2021-12-30 04:15:48 -0500
commit3fe2c73dd04f7769a9d9673236cb94b79ac45659 (patch)
tree8136fcfe82d5bf3ba4158df0f965d4c866393113 /modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go
parent5333c3528bd2badf1676efcced322d151e3706c8 (diff)
caddyhttp: Fix `MatchPath` sanitizing (#4499)
This is a followup to #4407, in response to a report on the forums: https://caddy.community/t/php-fastcgi-phishing-redirection/14542 Turns out that doing `TrimRight` to remove trailing dots, _before_ cleaning the path, will cause double-dots at the end of the path to not be cleaned away as they should. We should instead remove the dots _after_ cleaning.
Diffstat (limited to 'modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go')
0 files changed, 0 insertions, 0 deletions