AskDavis/cyphernode
1
0
Fork 0
mirror of https://github.com/AskDavis/cyphernode.git synced 2025-12-31 20:25:57 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update auth.sh

Browse Source
This commit is contained in:
kexkey
2018-10-17 15:59:07 -04:00
committed by GitHub
parent bfab6bf9a8
commit 06da9dc0dd
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
api_auth_docker/auth.sh
View File

@@ -42,11 +42,11 @@ verify_sign()
trace "[verify_sign] id=${id}"
# Check for code injection
# id will usually be an int, but could be alphanum... nothing else
if ! [[ $id =~ '^[A-Za-z0-9]$']]; then
# id will usually be an int, but can be alphanum... nothing else
case $id in (*[![:alnum:]]*|"")
trace "[verify_sign] Potential code injection, exiting"
return 1
fi
esac
# It is so much faster to include the keys here instead of grep'ing the file for key.
. ./keys.properties
@@ -88,11 +88,11 @@ verify_group()
trace "[verify_group] action=${action}"
# Check for code injection
# action could be alphanum... nothing else
if ! [[ $action =~ '^[A-Za-z]$']]; then
# action can be alphanum... nothing else
case $action in (*[![:alnum:]]*|"")
trace "[verify_group] Potential code injection, exiting"
return 1
fi
esac
# It is so much faster to include the keys here instead of grep'ing the file for key.
. ./api.properties