From: Dan Brown Date: Sat, 30 Sep 2017 13:31:27 +0000 (+0100) Subject: Added missing middleware to trim input X-Git-Tag: v0.18.2~1^2~7 X-Git-Url: http://source.bookstackapp.com/bookstack/commitdiff_plain/aca6de49b0324c9b1cf48a79908f6d3ad2fd0d5a Added missing middleware to trim input --- diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 839590c95..2b5caa89c 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -13,8 +13,9 @@ class Kernel extends HttpKernel */ protected $middleware = [ \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, - \Illuminate\Session\Middleware\StartSession::class, - \Illuminate\View\Middleware\ShareErrorsFromSession::class, + \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, + \BookStack\Http\Middleware\TrimStrings::class, + \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, ]; /** @@ -26,6 +27,8 @@ class Kernel extends HttpKernel 'web' => [ \BookStack\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, + \Illuminate\Session\Middleware\StartSession::class, + \Illuminate\View\Middleware\ShareErrorsFromSession::class, \BookStack\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class, \BookStack\Http\Middleware\Localization::class @@ -42,7 +45,7 @@ class Kernel extends HttpKernel * @var array */ protected $routeMiddleware = [ - 'can' => \Illuminate\Auth\Middleware\Authorize::class, + 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'auth' => \BookStack\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'guest' => \BookStack\Http\Middleware\RedirectIfAuthenticated::class, diff --git a/app/Http/Middleware/TrimStrings.php b/app/Http/Middleware/TrimStrings.php new file mode 100644 index 000000000..34b7e912d --- /dev/null +++ b/app/Http/Middleware/TrimStrings.php @@ -0,0 +1,18 @@ +