Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-31 23:24:36 -04:00
Code Issues Packages Projects Releases Wiki Activity

Document - fix stored xss

Browse Source 
https://huntr.dev/bounties/99c4ed09-b66f-474a-bd74-eeccf9339fde/
This commit is contained in:
theworstcomrade 2021-11-20 00:17:18 +01:00
parent 2532ec7e76
commit 7270d65bda
14 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Requests/Client/UploadClientRequest.php
View File

@ -31,7 +31,7 @@ class UploadClientRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Credit/UploadCreditRequest.php
View File

@ -31,7 +31,7 @@ class UploadCreditRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Expense/UploadExpenseRequest.php
View File

@ -31,7 +31,7 @@ class UploadExpenseRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/GroupSetting/UploadGroupSettingRequest.php
View File

@ -31,7 +31,7 @@ class UploadGroupSettingRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Invoice/UploadInvoiceRequest.php
View File

@ -31,7 +31,7 @@ class UploadInvoiceRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Payment/UploadPaymentRequest.php
View File

@ -31,7 +31,7 @@ class UploadPaymentRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Product/UploadProductRequest.php
View File

@ -31,7 +31,7 @@ class UploadProductRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Project/UploadProjectRequest.php
View File

@ -31,7 +31,7 @@ class UploadProjectRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Quote/UploadQuoteRequest.php
View File

@ -31,7 +31,7 @@ class UploadQuoteRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/RecurringExpense/UploadRecurringExpenseRequest.php
View File

@ -31,7 +31,7 @@ class UploadRecurringExpenseRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/RecurringInvoice/UploadRecurringInvoiceRequest.php
View File

@ -31,7 +31,7 @@ class UploadRecurringInvoiceRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/RecurringQuote/UploadRecurringQuoteRequest.php
View File

@ -31,7 +31,7 @@ class UploadRecurringQuoteRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Task/UploadTaskRequest.php
View File

@ -31,7 +31,7 @@ class UploadTaskRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;

2
app/Http/Requests/Vendor/UploadVendorRequest.php vendored
View File

@ -31,7 +31,7 @@ class UploadVendorRequest extends Request
$rules = []; $rules = [];
if($this->input('documents')) if($this->input('documents'))
$rules['documents'] = 'file|mimes:html,csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000'; $rules['documents'] = 'file|mimes:csv,png,ai,jpeg,tiff,pdf,gif,psd,txt,doc,xls,ppt,xlsx,docx,pptx|max:2000000';
return $rules; return $rules;