TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-04 13:10:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

增强安全性

Browse Source
This commit is contained in:
GoEdgeLab
2024-03-18 11:45:13 +08:00
parent 3c3777a08f
commit b31e26740e
4 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/web/helpers/user_must_auth.go
View File

@@ -109,6 +109,12 @@ func NewUserMustAuth(module string) *userMustAuth {
func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramName string) (goNext bool) {
var action = actionPtr.Object()
// 检查请求是否合法
if isEvilRequest(action.Request) {
action.ResponseWriter.WriteHeader(http.StatusForbidden)
return false
}
// 恢复模式
if teaconst.IsRecoverMode {
action.RedirectURL("/recover")