MAGICGrants/campaign-site
1
0
Fork 0
mirror of https://github.com/MAGICGrants/campaign-site.git synced 2026-01-09 20:38:02 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #196 from MAGICGrants/perk-page-ssrf-fix

Browse Source 
fix: prevent ssrf in perk page
This commit is contained in:
Artur
2025-12-10 21:52:20 -03:00
committed by GitHub
parent 6b090fdd35 1d3c86ea05
commit 68dca49d9c
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pages/[fund]/perks/[id].tsx
View File

@@ -745,6 +745,12 @@ export async function getServerSideProps({ params, req, res }: GetServerSideProp
return { redirect: { destination: `/${params?.fund!}` } }
}
const idRegex = /^[0-9a-z]{24}$/
if (!idRegex.test(`${params?.id!}`)) {
return { redirect: { destination: `/${params?.fund!}/perks` } }
}
try {
const [
balance,