Some hardening

author: Case Duckworth 2023-01-20 15:36:44 -0600
committer: Case Duckworth 2023-01-20 15:36:44 -0600
commit: 71a2d856c6d70fea67275eb2d92230e0c455b1bc (patch)
tree: 7847c52b00b7193fdbb97621d585b3e8026bb9e0
parent: Style images (diff)
download: superstack-71a2d856c6d70fea67275eb2d92230e0c455b1bc.tar.gz
superstack-71a2d856c6d70fea67275eb2d92230e0c455b1bc.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/superstack.php b/superstack.php
index c02ae6d..8f8b2a0 100644
--- a/superstack.php
+++ b/superstack.php

@@ -1,5 +1,11 @@
 <?php
 $site = urldecode($_GET['page']);
+if(!empty($site) && !preg_match("substack\.com", $site)) {
+        http_response_code(403);
+        exit
+}
 $ch = curl_init($site);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 $page = curl_exec($ch);
author	Case Duckworth	2023-01-20 15:36:44 -0600
committer	Case Duckworth	2023-01-20 15:36:44 -0600
commit	71a2d856c6d70fea67275eb2d92230e0c455b1bc (patch)
tree	7847c52b00b7193fdbb97621d585b3e8026bb9e0
parent	Style images (diff)
download	superstack-71a2d856c6d70fea67275eb2d92230e0c455b1bc.tar.gz superstack-71a2d856c6d70fea67275eb2d92230e0c455b1bc.zip

diff --git a/superstack.php b/superstack.php index c02ae6d..8f8b2a0 100644 --- a/superstack.php +++ b/superstack.php
@@ -1,5 +1,11 @@
1	<?php	1	<?php
2	$site = urldecode($_GET['page']);	2	$site = urldecode($_GET['page']);
		3
		4	if(!empty($site) && !preg_match("substack\.com", $site)) {
		5	http_response_code(403);
		6	exit
		7	}
		8
3	$ch = curl_init($site);	9	$ch = curl_init($site);
4	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);	10	curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
5	$page = curl_exec($ch);	11	$page = curl_exec($ch);