Filter in routes doesn't work if user input url in different case |
If I use filter in routes, for example: $routes->get('admin/home/x1', 'admin\home: x1', ['filter' => 'fil']);
its works if user open the url with lowercase letters only e.g (https://localhost/public/admin/home/x1) but if the user opens the url in uppercase letters e.g (https://localhost/public/admin/HOmE/X1) then the filter does not work and I think its can cause unsafe
Routes are case sensitive.
Therefore, admin/HOmE/X1 (url path) is not equal to admin/home/x1 (route) Therefore, the filters specified in the route do not work. Based on the fact that the controller is working, it means that you have automatic routing enabled. It also indicates that you are using Windows (Windows has case insensitive paths). Let me summarize. The unsafe work described in your topic is the fault of the developer. WBR =) |
Welcome Guest, Not a member yet? Register Sign In |