MALIO-DEV/PlantUmlServer
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix security #122

Browse Source
This commit is contained in:
Arnaud Roques
2019-09-26 19:08:48 +02:00
parent aa9172f715
commit 83138142c5
4 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/net/sourceforge/plantuml/servlet/DiagramResponse.java
View File

@@ -69,6 +69,12 @@ class DiagramResponse {
map.put(FileFormat.BASE64, "text/plain; charset=x-user-defined");
CONTENT_TYPE = Collections.unmodifiableMap(map);
}
static {
OptionFlags.ALLOW_INCLUDE = false;
if ("true".equalsIgnoreCase(System.getenv("ALLOW_PLANTUML_INCLUDE"))) {
OptionFlags.ALLOW_INCLUDE = true;
}
}
DiagramResponse(HttpServletResponse r, FileFormat f, HttpServletRequest rq) {
response = r;