lucas.mathieu/cachet-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use Binput for xss protection

Browse Source
This commit is contained in:
Graham Campbell
2015-01-02 12:05:50 +00:00
parent e0a6e795b1
commit b001bd60db
14 changed files with 144 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Http/Controllers/DashAPIController.php
View File

@@ -4,8 +4,8 @@ namespace CachetHQ\Cachet\Http\Controllers;
use CachetHQ\Cachet\Models\Component;
use Exception;
use GrahamCampbell\Binput\Facades\Binput;
use Illuminate\Routing\Controller;
use Illuminate\Support\Facades\Input;
class DashAPIController extends Controller
{
@@ -20,7 +20,7 @@ class DashAPIController extends Controller
*/
public function postUpdateComponent(Component $component)
{
if (!$component->update(Input::except(['_token']))) {
if (!$component->update(Binput::except(['_token']))) {
throw new Exception('Failed to update the component.');
}
@@ -34,7 +34,7 @@ class DashAPIController extends Controller
*/
public function postUpdateComponentOrder()
{
$componentData = Input::all();
$componentData = Binput::all();
unset($componentData['component'][0]); // Remove random 0 index.
foreach ($componentData['component'] as $componentId => $order) {