MAGICGrants/campaign-site
1
0
Fork 0
mirror of https://github.com/MAGICGrants/campaign-site.git synced 2026-01-08 03:53:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: prevent ssrf in perk page

Browse Source
This commit is contained in:
Keeqler
2025-12-10 20:48:48 -03:00
parent 561dae09ca
commit 1d3c86ea05
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pages/[fund]/perks/[id].tsx
View File

@@ -745,6 +745,12 @@ export async function getServerSideProps({ params, req, res }: GetServerSideProp
return { redirect: { destination: `/${params?.fund!}` } }
}
const idRegex = /^[0-9a-z]{24}$/
if (!idRegex.test(`${params?.id!}`)) {
return { redirect: { destination: `/${params?.fund!}/perks` } }
}
try {
const [
balance,