Addresses SSRF risk

mchev
2026-03-21 19:14:51 +01:00
parent d4e19646ee
commit 07757e747e
7 changed files with 124 additions and 4 deletions


@@ -6,6 +6,7 @@ use App\Facades\Hashids;
use App\Jobs\GeneratePaymentPdfJob;
use App\Mail\SendPaymentMail;
use App\Services\SerialNumberFormatter;
use App\Support\PdfHtmlSanitizer;
use App\Traits\GeneratesPdfTrait;
use App\Traits\HasCustomFieldsTrait;
use Barryvdh\DomPDF\Facade\Pdf as PDF;
@@ -433,7 +434,7 @@ class Payment extends Model implements HasMedia
public function getNotes()
{
return $this->getFormattedString($this->notes);
return PdfHtmlSanitizer::sanitize($this->getFormattedString($this->notes));
}
public function getEmailBody($body)