Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

相对路径覆盖(RPO)漏洞 #216

Open
Yunlie1013 opened this issue Apr 24, 2024 · 1 comment
Open

相对路径覆盖(RPO)漏洞 #216

Yunlie1013 opened this issue Apr 24, 2024 · 1 comment

Comments

@Yunlie1013
Copy link

5c4bffad545b371d5d240e675cf7034(1)(1)
这种怎么修复,改哪个文件的源码
@KOHGYLW
Copy link
Owner

KOHGYLW commented Jun 24, 2024
edited
Loading

通常情况下,尤其是在受控的局域网内,该风险较低,本人认为无需进行修改。如果您需要在公网上大规模使用,那么可以考虑将webContext文件夹内的所有.js文件和.html文件中的路径改为您部署后的绝对路径,例如 home.html -> https://your.domain/home.html 这种形式。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@KOHGYLW @Yunlie1013