Fix CVE-2024-46256 and CVE-2024-46257

- Schema validate against bad domain characters - Integration test for CVE POC examples - Cypress rewrite of plugins for file upload
2025-06-18 10:06:26 +00:00 · 2024-10-11 11:21:22 +10:00
parent 7c97516de6
commit c39d5433bc
19 changed files with 358 additions and 180 deletions
--- a/backend/schema/paths/nginx/certificates/validate/post.json
+++ b/backend/schema/paths/nginx/certificates/validate/post.json
@ -50,6 +50,42 @@
 								"certificate_key": true
 							}
 						}
+					},
+					"schema": {
+						"type": "object",
+						"additionalProperties": false,
+						"required": ["certificate", "certificate_key"],
+						"properties": {
+							"certificate": {
+								"type": "object",
+								"additionalProperties": false,
+								"required": ["cn", "issuer", "dates"],
+								"properties": {
+									"cn": {
+										"type": "string"
+									},
+									"issuer": {
+										"type": "string"
+									},
+									"dates": {
+										"type": "object",
+										"additionalProperties": false,
+										"required": ["from", "to"],
+										"properties": {
+											"from": {
+												"type": "integer"
+											},
+											"to": {
+												"type": "integer"
+											}
+										}
+									}
+								}
+							},
+							"certificate_key": {
+								"type": "boolean"
+							}
+						}
 					}
 				}
 			}
@ -67,6 +103,9 @@
 								}
 							}
 						}
+					},
+					"schema": {
+						"$ref": "../../../../components/error.json"
 					}
 				}
 			}