Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-20 06:35:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(wss): add container ID validation to enhance security in WebSocket server

Browse Source
This commit is contained in:
Mauricio Siu
2026-01-27 09:20:29 -06:00
parent 15e90e9ca9
commit 24c1c2a377
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/dokploy/server/wss/docker-container-logs.ts
View File

@@ -3,7 +3,7 @@ import { findServerById, IS_CLOUD, validateRequest } from "@dokploy/server";
import { spawn } from "node-pty";
import { Client } from "ssh2";
import { WebSocketServer } from "ws";
import { getShell } from "./utils";
import { getShell, isValidContainerId } from "./utils";
export const setupDockerContainerLogsWebSocketServer = (
server: http.Server<typeof http.IncomingMessage, typeof http.ServerResponse>,
@@ -42,6 +42,12 @@ export const setupDockerContainerLogsWebSocketServer = (
return;
}
// Security: Validate containerId to prevent command injection
if (!isValidContainerId(containerId)) {
ws.close(4000, "Invalid container ID format");
return;
}
if (!user || !session) {
ws.close();
return;