diff --git a/meshuser.js b/meshuser.js
index 3bd831cb..3769d891 100644
--- a/meshuser.js
+++ b/meshuser.js
@@ -4074,6 +4074,7 @@ module.exports.CreateMeshUser = function (parent, db, ws, req, args, domain, use
 case 'userWebState': {
 if (common.validateString(command.state, 1, 10000) == false) break; // Check state size, no more than 10k
 command.state = parent.filterUserWebState(command.state); // Filter the state to remove anything bad
+ if ((command.state == null) || (typeof command.state !== 'object')) break; // If state did not validate correctly, quit here.
 db.Set({ _id: 'ws' + user._id, state: command.state });
 parent.parent.DispatchEvent([user._id], obj, { action: 'userWebState', nolog: 1, domain: domain.id, state: command.state });
 break;
diff --git a/views/default.handlebars b/views/default.handlebars
index c9fcccb2..7b2ac83b 100644
--- a/views/default.handlebars
+++ b/views/default.handlebars
@@ -1188,6 +1188,7 @@
 // Process server-side web state
 var webState = '{{{webstate}}}';
 if (webState != '') { webState = JSON.parse(decodeURIComponent(webState)); }
+ if ((webState == null) || (typeof webState != 'object')) { webState = {}; }
 for (var i in webState) { if (i != 'desktopsettings') { localStorage.setItem(i, webState[i]); } }
 if (!webState.loctag) { try { delete localStorage.removeItem('loctag'); } catch (ex) { } }
diff --git a/webserver.js b/webserver.js
index 4514feb5..946a3d59 100644
--- a/webserver.js
+++ b/webserver.js
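Review bot: The added guard's `!==` is the only strict inequality among the three parallel guards this commit introduces; the ones added in views/default.handlebars and in webserver.js filterUserWebState both use `!=`, so one form should be used for all three. The `typeof` half of the check also appears redundant, since the filterUserWebState hunk shows the function returning null for anything that is not an object and otherwise building `var out = {}`, although its return statement is outside that hunk. When the state is rejected the handler simply breaks, so nothing is sent or logged to indicate the state was discarded; a comment at the `break` such as `// Rejected state is dropped without a response; nothing is persisted or dispatched` would at least make that deliberate. The `case 'userWebState'` block closes outside the hunk.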
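Review bot: `JSON.parse(decodeURIComponent(webState))` on the line above the new guard can still throw on a malformed value, and an uncaught exception there aborts the rest of this inline script before the new `webState = {}` fallback runs; the guard only covers a parse that succeeds with a non-object such as `null` or a number. Wrapping the parse, `if (webState != '') { try { webState = JSON.parse(decodeURIComponent(webState)); } catch (ex) { webState = {}; } }`, covers both failure modes, and the added line can stay as a second check. Whether the server always emits well-formed JSON for `webstate` cannot be confirmed from this hunk.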
@@ -1747,9 +1747,9 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 if (!user) { parent.debug('web', 'handleDeleteAccountRequest: user not found.'); res.sendStatus(404); return; }
 // Check if the password is correct
- obj.authenticate(user.name, req.body.apassword1, domain, function (err, userid) {
+ obj.authenticate(user._id.split('/')[2], req.body.apassword1, domain, function (err, userid) {
 var deluser = obj.users[userid];
- if ((deluser != null) || (userid == null)) {
+ if ((userid != null) && (deluser != null)) {
 // Remove all links to this user
 if (deluser.links != null) {
 for (var i in deluser.links) {
@@ -2813,10 +2813,10 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 // Download a desktop recording
 function handleGetRecordings(req, res) {
 const domain = checkUserIpAddress(req, res);
- if (domain == null) { return; }
+ if (domain == null) return;
 // Check the query
- if (req.query.file == null) { res.sendStatus(401); return; }
+ if ((req.query.file == null) || (obj.common.IsFilenameValid(req.query.file) !== true)) { res.sendStatus(401); return; }
 // Get the recording path
 var recordingsPath = null;
@@ -5608,6 +5608,7 @@ module.exports.CreateWebServer = function (parent, db, args, certificates) {
 const acceptableUserWebStateDesktopStrings = ['encoding', 'showfocus', 'showmouse', 'showcad', 'limitFrameRate', 'noMouseRotate', 'quality', 'scaling']
 obj.filterUserWebState = function (state) {
 if (typeof state == 'string') { try { state = JSON.parse(state); } catch (ex) { return null; } }
+ if ((state == null) || (typeof state != 'object')) { return null; }
 var out = {};
 for (var i in acceptableUserWebStateStrings) {
 var n = acceptableUserWebStateStrings[i];
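Review bot: `user._id.split('/')[2]` in the new authenticate call encodes an assumption about the layout of `_id` that nothing on the line explains; a comment such as `// user._id is '<type>/<domain>/<name>'; authenticate() expects the bare account name` (adjusted to the real layout) would let a reader check the index. The rewritten condition `(userid != null) && (deluser != null)` is the right correction of the old `||` form, which could reach `deluser.links` with `deluser` undefined. Any branch handling a failed password check is outside the hunk, as is the rest of handleDeleteAccountRequest.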
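Review bot: The new `obj.common.IsFilenameValid(req.query.file)` check is the right place to reject traversal-style names, but `req.query.file` is not known to be a string here: Express-style query parsing yields an array for a repeated parameter, and what IsFilenameValid does with a non-string cannot be seen from this hunk. A `typeof` term in the same condition makes the accepted shape explicit before the name is validated: `if ((typeof req.query.file !== 'string') || (obj.common.IsFilenameValid(req.query.file) !== true)) { res.sendStatus(401); return; }`. Answering a malformed name with 401 rather than 400 also reads as an authentication failure, though it mirrors the existing status for a missing parameter. As a point of style, `if (domain == null) return;` drops the braces that every other single-statement `if` in this hunk keeps. handleGetRecordings continues outside the hunk.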
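Review bot: The new guard `(state == null) || (typeof state != 'object')` still admits arrays, since `typeof []` is `'object'`; the loop over `acceptableUserWebStateStrings` that follows, and the function's return, run past the end of the hunk, so whether an array input is harmless cannot be confirmed here. Adding an explicit term, `if ((state == null) || (typeof state != 'object') || Array.isArray(state)) { return null; }`, would pin the accepted shape. The function also has no header comment; one line above `obj.filterUserWebState`, such as `// Reduce a user-supplied web state (JSON string or object) to the accepted keys; returns null when the input is unusable`, would document the contract the new guard enforces.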