1
0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2024-12-25 02:29:32 +02:00

[Web] secure container_ctrl.php

This commit is contained in:
FreddleSpl0it 2024-04-04 16:30:35 +02:00
parent 7660ca89ae
commit b37caaf9e5
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5

View File

@ -1,4 +1,11 @@
<?php
// Block requests by checking the 'Sec-Fetch-Dest' header.
if (isset($_SERVER['HTTP_SEC_FETCH_DEST']) && $_SERVER['HTTP_SEC_FETCH_DEST'] !== 'empty') {
header('HTTP/1.1 403 Forbidden');
exit;
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
if (!isset($_SESSION['mailcow_cc_role']) || $_SESSION['mailcow_cc_role'] != 'admin') {
exit();