tonyair
/
silverstripe-cms
mirror of https://github.com/silverstripe/silverstripe-cms
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix url segment retrieval if it contains "0" (zero) 

I had brute force attacks on multiple SS sites lately, trying to get into "/0/licence.txt". I haven't found out what software they were looking for, but a URL segment of "0" (zero) throws an 500 error in SS. This change fixes that.
This commit is contained in:
Florian Thoma 2023-01-23 11:25:15 +11:00 committed by GitHub
parent 9907209a07
commit 0f3c2e5f8b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
code/Controllers/ModelAsController.php
View File

@ -119,7 +119,8 @@ class ModelAsController extends Controller implements NestedController
{
$request = $this->getRequest();
if (!$URLSegment = $request->param('URLSegment')) {
$URLSegment = (string) $request->param('URLSegment');
if ($URLSegment == null || !strlen($URLSegment)) {
throw new Exception('ModelAsController->getNestedController(): was not passed a URLSegment value.');
}