Filter a few more things...

NOAA-PMEL · Aug 1, 2022 · 53be128 · 53be128
1 parent 6c5d957
commit 53be128
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/JavaSource/gov/noaa/pmel/tmap/las/filter/RequestInputFilter.java b/JavaSource/gov/noaa/pmel/tmap/las/filter/RequestInputFilter.java
@@ -418,7 +418,11 @@ public boolean validateTemplateAndImage(HttpServletRequest request) {
                 if (v.toLowerCase().contains(">") || 
                     v.toLowerCase().contains("<") || 
                     v.toLowerCase().contains("script") || 
+                    v.toLowerCase().contains("/") || 
+                    v.toLowerCase().contains("%") || 
                     v.toLowerCase().contains("..") ) {
+                    return false;
+                }
                 if ( v.equals(vm[i]) ) {
                     return true;
                 }
@@ -429,7 +433,6 @@ public boolean validateTemplateAndImage(HttpServletRequest request) {
 						v.toLowerCase().contains("refresh") ||
 						v.toLowerCase().contains("equiv")
 				) {
->>>>>>> 9afbb8887c0051a06c31109e97022991c57db476
                     return false;
                 }
             }