pterodactyl/panel
1
0
Fork 0
mirror of https://github.com/pterodactyl/panel.git synced 2025-12-10 00:32:14 -06:00
Code Issues Packages Projects Releases 128 Wiki Activity

fix: add additional input validation

Browse Source 
Signed-off-by: Matthew Penner <me@matthewp.io>
This commit is contained in:
Matthew Penner 2025-06-15 19:40:22 -06:00
parent 64c789712f
commit ea926daac5
No known key found for this signature in database
2 changed files with 21 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
app/Http/Controllers/Base/LocaleController.php
View File

@ -2,11 +2,11 @@
namespace Pterodactyl\Http\Controllers\Base;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Translation\Translator;
use Illuminate\Contracts\Translation\Loader;
use Pterodactyl\Http\Controllers\Controller;
use Pterodactyl\Http\Requests\Base\LocaleRequest;
class LocaleController extends Controller
{
@ -20,20 +20,11 @@ class LocaleController extends Controller
/**
* Returns translation data given a specific locale and namespace.
*/
public function __invoke(Request $request): JsonResponse
public function __invoke(LocaleRequest $request): JsonResponse
{
$locales = explode(' ', $request->input('locale') ?? '');
$namespaces = explode(' ', $request->input('namespace') ?? '');
$response = [];
foreach ($locales as $locale) {
$response[$locale] = [];
foreach ($namespaces as $namespace) {
$response[$locale][$namespace] = $this->i18n(
$this->loader->load($locale, str_replace('.', '/', $namespace))
);
}
}
$locale = $request->input('locale');
$namespace = $request->input('namespace');
$response[$locale][$namespace] = $this->i18n($this->loader->load($locale, $namespace));
return new JsonResponse($response, 200, [
// Cache this in the browser for an hour, and allow the browser to use a stale

16
app/Http/Requests/Base/LocaleRequest.php Normal file
View File

@ -0,0 +1,16 @@
<?php
namespace Pterodactyl\Http\Requests\Base;
use Illuminate\Foundation\Http\FormRequest;
class LocaleRequest extends FormRequest
{
public function rules(): array
{
return [
'locale' => ['required', 'string', 'regex:/^[a-z][a-z]$/'],
'namespace' => ['required', 'string', 'regex:/^[a-z]{1,191}$/'],
];
}
}