MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [API] Check for malformed JSON requests

pull/3471/head
iglocska 2018-07-11 10:16:19 +02:00
parent 103da8082d
commit 0d45dbc27a
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/Controller/AppController.php
View File

@ -446,7 +446,16 @@ class AppController extends Controller {
protected function _isRest() {
$api = $this->__isApiFunction($this->request->params['controller'], $this->request->params['action']);
return (isset($this->RequestHandler) && ($api || $this->RequestHandler->isXml() || $this->_isJson()));
if (isset($this->RequestHandler) && ($api || $this->RequestHandler->isXml() || $this->_isJson())) {
if ($this->_isJson()) {
if (!empty($this->request->input()) && empty($this->request->input('json_decode'))) {
throw new MethodNotAllowedException('Invalid JSON input. Make sure that the JSON input is a correctly formatted JSON string. This request has been blocked to avoid an unfiltered request.');
}
}
return true;
} else {
return false;
}
}
protected function _isAutomation() {