From 2f9fb355e384d271086a88d802a05cd3c96e0792 Mon Sep 17 00:00:00 2001
From: thisgun
Date: Tue, 27 Sep 2022 17:15:46 +0900
Subject: [PATCH] =?UTF-8?q?[KVE-2022-0992]=20=EC=B7=A8=EC=95=BD=EC=A0=90?=
 =?UTF-8?q?=20=EB=8B=A4=EC=8B=9C=20=EC=9E=AC=EC=88=98=EC=A0=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bbs/download.php | 2 +-
 lib/common.lib.php | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/bbs/download.php b/bbs/download.php
index 78c1bff70..030910baf 100644
--- a/bbs/download.php
+++ b/bbs/download.php
@@ -24,7 +24,7 @@ if (!$file['bf_file'])
 $nonce = isset($_REQUEST['nonce']) ? preg_replace('/[^0-9a-z\|]/i', '', $_REQUEST['nonce']) : '';
-if (function_exists('download_file_nonce_is_valid')){
+if (function_exists('download_file_nonce_is_valid') && !defined('G5_DOWNLOAD_NONCE_CHECK')){
 if(! download_file_nonce_is_valid($nonce, $bo_table, $wr_id)){
 alert('토큰 유효시간이 지났거나 토큰이 유효하지 않습니다.\\n브라우저를 새로고침 후 다시 시도해 주세요.', G5_URL);
 }
diff --git a/lib/common.lib.php b/lib/common.lib.php
index 98048a048..40c4b9779 100644
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@@ -604,7 +604,7 @@ function check_html_link_nofollow($type=''){
 // Open : HTML Purifier is open-source and highly customizable
 function html_purifier($html)
 {
- global $is_admin;
+ global $is_admin, $write;
 $f = file(G5_PLUGIN_PATH.'/htmlpurifier/safeiframe.txt');
 $domains = array();
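Review bot: The added `!defined('G5_DOWNLOAD_NONCE_CHECK')` term turns the mere definition of a constant into a global opt-out of the download token check, regardless of the constant's value, and nothing in the hunk documents that. A reader would expect a constant named NONCE_CHECK to enable the check, so the sense is easy to get backwards in a config file; consider testing the value instead, `if (function_exists('download_file_nonce_is_valid') && (!defined('G5_DOWNLOAD_NONCE_CHECK') || G5_DOWNLOAD_NONCE_CHECK))`, and adding a comment such as `// define G5_DOWNLOAD_NONCE_CHECK as false only to disable the per-download token check`. When the check is skipped, $nonce is still read from the request but never validated, so the alert() branch becomes unreachable. The outer if's closing brace lies outside the hunk.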
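Review bot: `global $is_admin, $write;` keeps $is_admin in scope although the admin decision later in html_purifier now comes from is_admin($write['mb_id']) (second hunk of this file); if nothing else in the body, which continues outside this hunk, still reads $is_admin, reduce the line to `global $write;` so the stale variable cannot be mistaken for the authority behind the domain allowlist. The $write global is whatever the including page left in scope, so a short comment stating the contract, e.g. `// $write: the post being rendered; its author decides whether the site's own host is iframe-safe`, would make the dependency visible to callers.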
@@ -616,9 +616,9 @@ function html_purifier($html)
 array_push($domains, $domain);
 }
 }
- // 관리자인 경우에만 내 도메인을 추가
- if ($is_admin) array_push($domains, $_SERVER['HTTP_HOST'].'/');
- $safeiframe = implode('|', $domains);
+ // 글쓴이가 관리자인 경우에만 현재 사이트 도메인을 허용
+ if (isset($write['mb_id']) && $write['mb_id'] && is_admin($write['mb_id'])) array_push($domains, $_SERVER['HTTP_HOST'].'/');
+ $safeiframe = implode('|', run_replace('html_purifier_safeiframes', $domains, $html));
 include_once(G5_PLUGIN_PATH.'/htmlpurifier/HTMLPurifier.standalone.php');
 include_once(G5_PLUGIN_PATH.'/htmlpurifier/extend.video.php');
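Review bot: The host appended to the iframe allowlist still comes from `$_SERVER['HTTP_HOST']`, which is the request's Host header rather than the configured site address, so the value deciding which iframes survive purification is request-controlled unless the web server rejects unknown hosts. Deriving it from the configured URL, `array_push($domains, parse_url(G5_URL, PHP_URL_HOST).'/');`, ties the allowlist to the site's own configuration. The new author check also relies on `$write` describing the post currently being rendered; if that global is stale from an earlier include in the same request, an admin's post could lend its allowlist to another author's content, which deserves a comment where $write is declared. Whether the `html_purifier_safeiframes` replace hook returns a list of the same shape as $domains is not visible here; presumably its implementers keep it so.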