diff options
| author | Bart Visscher <bartv@thisnet.nl> | 2013-02-09 15:03:47 +0100 |
|---|---|---|
| committer | Bart Visscher <bartv@thisnet.nl> | 2013-02-09 15:10:40 +0100 |
| commit | 9dddcae9ca3dcf872893e36e2f478ebecafdc6e2 (patch) | |
| tree | 161ce14d97ef95699266ead95da5f5f2bd97fb68 /lib/app.php | |
| parent | 12bdc6ddb6021f772e8e6364eee89f1406ee3d7d (diff) | |
| download | nextcloud-server-9dddcae9ca3dcf872893e36e2f478ebecafdc6e2.tar.gz nextcloud-server-9dddcae9ca3dcf872893e36e2f478ebecafdc6e2.zip | |
Remove invalid characters from app id to prevent loading of invalid resources
Diffstat (limited to 'lib/app.php')
| -rw-r--r-- | lib/app.php | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/app.php b/lib/app.php index 3a4e21e8cd1..54f16d6bdcd 100644 --- a/lib/app.php +++ b/lib/app.php @@ -39,6 +39,15 @@ class OC_App{ static private $altLogin = array(); /** + * @brief clean the appid + * @param $app Appid that needs to be cleaned + * @return string + */ + public static function cleanAppId($app) { + return str_replace(array('\0', '/', '\\', '..'), '', $app); + } + + /** * @brief loads all apps * @param array $types * @return bool |