Skynet/misc_pterodactyl-panel
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
misc_pterodactyl-panel/app/Http/Middleware
History
Dane Everitt e8dcd30e0c
[security] fix resources not properly returning an error when they don't match the server in the URL 
Prior to this fix certain resources were accessible even when their assigned server was not the same as the server in the URL. This causes the resource server relationship to not match the server variable present on the request.

Due to this failed logic it was possible for users to access resources they should not have been able to access otherwise for some areas of the panel.
2021-01-19 21:19:17 -08:00
..
Admin/Servers Move server view management parts to new controller and clean up code 2019-11-24 12:50:16 -08:00
Api [security] fix resources not properly returning an error when they don't match the server in the URL 2021-01-19 21:19:17 -08:00
Server Clarify error messaging for transfers 2020-12-24 10:14:10 -08:00
AdminAuthenticate.php Format files 2019-09-05 21:32:57 -07:00
Authenticate.php Format files 2019-09-05 21:32:57 -07:00
EncryptCookies.php Update all the middlewares 2017-10-29 12:37:25 -05:00
LanguageMiddleware.php Format files 2019-09-05 21:32:57 -07:00
MaintenanceMiddleware.php Format files 2019-09-05 21:32:57 -07:00
RedirectIfAuthenticated.php Format files 2019-09-05 21:32:57 -07:00
RequireTwoFactorAuthentication.php Block API access when 2FA is required on account; closes #2791 2020-12-06 13:56:14 -08:00
TrimStrings.php Update codebase to L5.4 (#367) 2017-04-01 17:59:43 -04:00
TrustProxies.php Fixes before release 2018-05-20 16:49:54 -07:00
VerifyCsrfToken.php Implement basic security policy on daemon remote routes 2017-01-27 16:34:46 -05:00
VerifyReCaptcha.php Fix silent failure mode when recaptcha is enabled 2019-12-15 16:13:44 -08:00