]> git.proxmox.com Git - pve-manager.git/commitdiff
projects / pve-manager.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2103d11)
HTTPServer.pm: improve baseuri matching
authorDietmar Maurer <dietmar@proxmox.com>
Tue, 10 Jan 2017 16:06:07 +0000 (17:06 +0100)
committerFabian Grünbichler <f.gruenbichler@proxmox.com>
Thu, 12 Jan 2017 10:53:19 +0000 (11:53 +0100)
Signed-off-by: Dietmar Maurer <dietmar@proxmox.com>
PVE/HTTPServer.pm patch | blob | blame | history

diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index 10263e9ee071c281161736c82758544368cca231..0697ae2d0e3d3ad23890ad32932ae6e76477cd8a 100755 (executable)
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
@@ -982,7 +982,7 @@ sub handle_request {
        # we re-enable timeout in response()
        $reqstate->{hdl}->timeout(0);
 
-       if ($path =~ m!$baseuri!) {
+       if ($path =~ m/^\Q$baseuri\E/) {
            $self->handle_api2_request($reqstate, $auth, $method, $path);
            return;
        }
@@ -1258,7 +1258,7 @@ sub unshift_read_header {
                    }
                    $self->handle_spice_proxy_request($reqstate, $connect_str, $vmid, $node, $port);
                    return;
-               } elsif ($path =~ m!$baseuri!) {
+               } elsif ($path =~ m/^\Q$baseuri\E/) {
                    my $token = $r->header('CSRFPreventionToken');
                    my $cookie = $r->header('Cookie');
                    my $ticket = extract_auth_cookie($cookie, $self->{cookie_name});
The Proxmox VE Management API and Web UI