Block more SQL injection attempts
nigelhorne committed Aug 20, 2023
1 parent d22bc76 commit 1aa9542
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/CGI/Info.pm
Expand Up @@ -1348,7 +1348,7 @@ sub is_robot {
return 0;
}

if(($agent =~ /SELECT.+AND.+/) || ($agent =~ /ORDER BY /)) {
if(($agent =~ /SELECT.+AND.+/) || ($agent =~ /ORDER BY /) || ($agent =~ / OR NOT /) || ($agent =~ / AND \d+=\d+/)) {
$self->status(403);
$self->{is_robot} = 1;
if($self->{logger}) {
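Review bot: the two alternatives added to the `if` condition, `/ OR NOT /` and `/ AND \d+=\d+/`, are case-sensitive and require exactly one literal space around each keyword, as do the existing `/SELECT.+AND.+/` and `/ORDER BY /`, so the same text in lower or mixed case, or separated by tabs or repeated spaces, does not set the 403. Consider adding the `/i` modifier and using `\s+` in place of the literal spaces, for example `/\s+AND\s+\d+=\d+/i`, and folding the four matches into one precompiled `qr//` pattern so that the condition stays readable as more cases are added. The commit changes only lib/CGI/Info.pm; a test that passes is_robot an `$agent` value containing each new pattern and checks that the status is 403 and `is_robot` is set would document the intended behaviour.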

0 comments on commit 1aa9542