public/homebrewery
1
0
Fork 0
mirror of https://github.com/stolksdorf/homebrewery.git synced 2025-12-22 09:51:29 +00:00
Code Issues Releases Wiki Activity

Fixed a security issue on share pages

Browse Source
This commit is contained in:
Scott Tolksdorf
2016-08-09 12:53:47 -04:00
parent 388ae933f8
commit 73e561beba
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
server.js
View File

@@ -47,7 +47,11 @@ app = require('./server/homebrew.api.js')(app);
var HomebrewModel = require('./server/homebrew.model.js').model; var HomebrewModel = require('./server/homebrew.model.js').model;
var sanitizeBrew = function(brew){
var cleanBrew = _.assign({}, brew);
delete cleanBrew.editId;
return cleanBrew;
};
//Edit Page //Edit Page
@@ -98,7 +102,7 @@ app.get('/share/:id', function(req, res){
prerenderWith : './client/homebrew/homebrew.jsx', prerenderWith : './client/homebrew/homebrew.jsx',
initialProps: { initialProps: {
url: req.originalUrl, url: req.originalUrl,
brew : resObj || errObj brew : sanitizeBrew(resObj || errObj)
}, },
clearRequireCache : !process.env.PRODUCTION, clearRequireCache : !process.env.PRODUCTION,
}, function (err, page) { }, function (err, page) {