Skip to content

Commit

Permalink
Block more SQL injection attempts
Browse files Browse the repository at this point in the history
  • Loading branch information
@nigelhorne
nigelhorne committed Aug 20, 2023
1 parent 4666f0d commit d22bc76
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/CGI/Info.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1348,7 +1348,7 @@ sub is_robot {
return 0;
}

if($agent =~ /SELECT.+AND.+/) {
if(($agent =~ /SELECT.+AND.+/) || ($agent =~ /ORDER BY /)) {
$self->status(403);
$self->{is_robot} = 1;
if($self->{logger}) {
Expand Down

0 comments on commit d22bc76

Please sign in to comment.