const fs = require('fs')
const models = require('../models/index')
const insecurity = require('../lib/insecurity')
const request = require('request')
const logger = require('../lib/logger')
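/**
 * Express middleware factory: lets the logged-in user set their profile
 * image by URL. The URL is fetched server-side, the response body is streamed
 * to `frontend/dist/frontend/assets/public/images/uploads/<userId>.jpg`, and
 * the user's `profileImage` column is set to `<userId>.jpg`. The request then
 * redirects to /profile.
 *
 * SECURITY (review): this is a server-side request forgery sink by design.
 * `req.body.imageUrl` is attacker-controlled and fetched with no scheme, host
 * or size restriction, no content-type check, and whatever comes back is
 * written to disk under a ".jpg" name. The `abused_ssrf_bug` flag below marks
 * this as an intentional training-challenge weakness (the regex watches for a
 * request aimed at the app's own challenge-solving endpoint), so it is left in
 * place here. Do not copy this pattern: production code would restrict the
 * scheme to https, resolve the host and deny loopback/private ranges, cap the
 * response size, and verify the bytes are actually an image.
 *
 * Fixes over the previous revision (no interface change):
 *  - the unauthenticated branch no longer calls `next(err)` AND then redirects
 *    (a double response);
 *  - a non-string `imageUrl` (e.g. a JSON array) no longer throws a bare
 *    TypeError from `.match`;
 *  - the destination write stream gets an 'error' handler — `pipe` does not
 *    forward those, so a disk error was an unhandled event;
 *  - the download-error log message no longer claims it was "retrieving
 *    authenticated user";
 *  - a late DB failure only calls `next(error)` if no response was sent yet.
 *
 * @returns {(req, res, next) => void} the middleware
 */
module.exports = function profileImageUrlUpload () {
  return (req, res, next) => {
    const url = req.body.imageUrl
    if (url !== undefined) {
      // body-parser can hand us arrays/objects here; `.match` on those throws.
      if (typeof url !== 'string') {
        return next(new TypeError('imageUrl must be a string'))
      }
      // Challenge bookkeeping: record that the SSRF was pointed at the
      // server-side challenge-solving endpoint.
      if (url.match(/(.)*solve\/challenges\/server-side(.)*/) !== null) {
        req.app.locals.abused_ssrf_bug = true
      }
      const loggedInUser = insecurity.authenticatedUsers.get(req.cookies.token)
      if (!loggedInUser) {
        // Must return here: falling through would send a redirect on top of
        // whatever the error handler already wrote.
        return next(new Error('Blocked illegal activity by ' + req.connection.remoteAddress))
      }
      // The id comes from the server-side session map, not from the request,
      // so it is not a traversal vector — presumably numeric; confirm in models.
      const userId = loggedInUser.data.id
      const targetPath = 'frontend/dist/frontend/assets/public/images/uploads/' + userId + '.jpg'
      const out = fs.createWriteStream(targetPath)
      // `pipe` only forwards data, not errors; without this an EACCES/ENOSPC
      // on the destination would be an unhandled 'error' event.
      out.on('error', function (err) {
        logger.warn('Error writing profile image for user ' + userId + ': ' + err.message)
      })
      request
        .get(url)
        .on('error', function (err) {
          logger.warn('Error retrieving profile image from URL: ' + err.message)
        })
        .pipe(out)
      // The DB update is not awaited before redirecting (original behaviour):
      // the profile page may render before the file and row are in place.
      models.User.findByPk(userId).then(user => {
        return user.update({ profileImage: userId + '.jpg' })
      }).catch(error => {
        // By the time this fires the redirect below has normally gone out;
        // calling next(error) then would only trigger "headers already sent".
        if (res.headersSent) {
          logger.warn('Error updating profile image for user ' + userId + ': ' + error.message)
        } else {
          next(error)
        }
      })
    }
    res.location('/profile')
    res.redirect('/profile')
  }
}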