misc_pterodactyl-panel/app/Http
Dane Everitt e8dcd30e0c
[security] fix resources not properly returning an error when they don't match the server in the URL
Prior to this fix certain resources were accessible even when their assigned server was not the same as the server in the URL. This causes the resource server relationship to not match the server variable present on the request.

Due to this failed logic it was possible for users to access resources they should not have been able to access otherwise for some areas of the panel.
2021-01-19 21:19:17 -08:00
..
Controllers Add endpoint to get all nodes meeting memory & disk requirements for a server; closes #1012 2021-01-10 13:08:43 -08:00
Middleware [security] fix resources not properly returning an error when they don't match the server in the URL 2021-01-19 21:19:17 -08:00
Requests Add internal support for file denylist on eggs; closes #569 2021-01-10 17:02:14 -08:00
Resources/Wings Return all servers for a node as a paginated response 2020-10-31 11:14:28 -07:00
ViewComposers Add Google Analytics 2020-07-26 21:05:54 -04:00
Kernel.php Block API access when 2FA is required on account; closes #2791 2020-12-06 13:56:14 -08:00