kmc7468/arkvault
1
0
Fork 0
mirror of https://github.com/kmc7468/arkvault.git synced 2026-02-04 16:16:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

클라이언트가 Decryption Oracle로 사용될 수 있는 취약점 수정

Browse Source
This commit is contained in:
static
2025-07-04 23:26:58 +09:00
parent 13bac59824
commit c9331ae5b7
12 changed files with 58 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/routes/api/auth/upgradeSession/verify/+server.ts
View File

@@ -9,8 +9,8 @@ export const POST: RequestHandler = async ({ locals, request }) => {
const zodRes = sessionUpgradeVerifyRequest.safeParse(await request.json());
if (!zodRes.success) error(400, "Invalid request body");
const { answer, answerSig } = zodRes.data;
const { id, answerSig } = zodRes.data;
await verifySessionUpgradeChallenge(sessionId, locals.ip, answer, answerSig);
await verifySessionUpgradeChallenge(sessionId, locals.ip, id, answerSig);
return text("Session upgraded", { headers: { "Content-Type": "text/plain" } });
};