Replace mg.request_info.request_uri with the variable scriptname

The information from `mg.request_info.request_uri` depends on the URL typed
by the user. This information was used without any sanitization, allowing
an attacker to send crafted links containing anything, including javascript
code, which could be loaded and executed in a few pages.

Replacing this value with the `scriptname` variable fixes the issue, since that
variable contains the name of the file currently being executed. This
information cannot be manipulated externally, so it is safe to use on
the page.

Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
RD WebDesign
2025-07-13 02:55:19 -03:00
parent da8033947a
commit 8c0f785351
4 changed files with 4 additions and 4 deletions


@@ -10,7 +10,7 @@
mg.include('scripts/lua/header.lp','r')
?>
</head>
<body class="hold-transition layout-boxed login-page page-<?=pihole.format_path(mg.request_info.request_uri)?>">
<body class="hold-transition layout-boxed login-page page-<?=pihole.format_path(scriptname)?>">
<div class="box login-box">
<section style="padding: 15px;">
<h2 class="error-headline text-danger">403</h2>
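Review bot: The new `<body class="... page-<?=pihole.format_path(scriptname)?>">` line still writes the value into an attribute with `<?= ?>` and no attribute escaping, so the fix makes the data source trusted while leaving the sink itself unguarded; the same line is changed in the 404, login and main header hunks below. Unless `format_path` already reduces its output to a safe class-token character set (its body is not visible here), escaping `"`, `<`, `>` and `&` at this output point would keep the attribute safe even if a later change feeds it a request-derived value again. `scriptname` is not defined in any visible hunk; presumably `header.lp` or the server-side template environment sets it, which is worth confirming for every page that includes this body line, since a nil would surface as a template error rather than a class name. A repository-wide search for any remaining `mg.request_info.request_uri` reflections would confirm that these four files are the only affected sinks.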


@@ -10,7 +10,7 @@
mg.include('scripts/lua/header.lp','r')
?>
</head>
<body class="hold-transition layout-boxed login-page page-<?=pihole.format_path(mg.request_info.request_uri)?>">
<body class="hold-transition layout-boxed login-page page-<?=pihole.format_path(scriptname)?>">
<div class="box login-box">
<section style="padding: 15px;">
<h2 class="error-headline text-yellow">404</h2>


@@ -10,7 +10,7 @@
mg.include('scripts/lua/header.lp','r')
?>
</head>
<body class="hold-transition layout-boxed login-page page-<?=pihole.format_path(mg.request_info.request_uri)?>" data-apiurl="<?=pihole.api_url()?>" data-webhome="<?=webhome?>">
<body class="hold-transition layout-boxed login-page page-<?=pihole.format_path(scriptname)?>" data-apiurl="<?=pihole.api_url()?>" data-webhome="<?=webhome?>">
<div class="box login-box" id="login-box">
<section style="padding: 15px;">
<div class="login-logo">


@@ -24,7 +24,7 @@ mg.include('header.lp','r')
<script src="<?=pihole.fileversion('vendor/waitMe-js/modernized-waitme-min.js')?>"></script>
<script src="<?=pihole.fileversion('scripts/js/logout.js')?>"></script>
</head>
<body class="<?=theme.name?> hold-transition sidebar-mini <? if pihole.boxedlayout() then ?>layout-boxed<? end ?> logged-in page-<?=pihole.format_path(mg.request_info.request_uri)?>" data-apiurl="<?=pihole.api_url()?>" data-webhome="<?=webhome?>">
<body class="<?=theme.name?> hold-transition sidebar-mini <? if pihole.boxedlayout() then ?>layout-boxed<? end ?> logged-in page-<?=pihole.format_path(scriptname)?>" data-apiurl="<?=pihole.api_url()?>" data-webhome="<?=webhome?>">
<noscript>
<!-- JS Warning -->
<div>