mirrors
/
uptime-kuma
mirror of https://github.com/louislam/uptime-kuma.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add check to prevent user-provided `dbConfig.caFilePath`.

This commit is contained in:
Gabriel Ngandu-Biseba 2024-12-06 13:50:28 +01:00
parent 9151d99188
commit aeffe6d5ad
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
server/setup-database.js
View File

@ -207,6 +207,11 @@ class SetupDatabase {
return;
}
// Prevent someone from injecting a CA file path not generated by the code below
if (dbConfig.caFilePath) {
dbConfig.caFilePath = undefined;
}
if (dbConfig.caFile) {
const base64Data = dbConfig.caFile.replace(/^data:application\/octet-stream;base64,/, "");
console.log(dbConfig);