7 år sedan · ac25b869cd
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
 
				+03-JUN-2018: 8.7.4
			
 
				+
			
 
				+- Fixes possible SSRF in proxy servlet
			
 
				+
			
 
				 02-JUN-2018: 8.7.3
			
 
				 
			
 
				 - Fixes overridden layout menu
			
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
 
				-8.7.3
			
 
				+8.7.4
			
--- a/src/main/java/com/mxgraph/online/ProxyServlet.java
+++ b/src/main/java/com/mxgraph/online/ProxyServlet.java
@@ -63,7 +63,7 @@ public class ProxyServlet extends HttpServlet
 
				 			dom = "";
			
 
				 		}
			
 
				 
			
 
				-		if (dom != null && urlParam != null)
			
 
				+		if (dom != null && urlParam != null && (urlParam.startsWith("http://") || urlParam.startsWith("https://")))
			
 
				 		{
			
 
				 			request.setCharacterEncoding("UTF-8");
			
 
				 			response.setCharacterEncoding("UTF-8");
			
--- a/src/main/webapp/cache.manifest
+++ b/src/main/webapp/cache.manifest
@@ -1,7 +1,7 @@
 
				 CACHE MANIFEST
			
 
				 
			
 
				 # THIS FILE WAS GENERATED. DO NOT MODIFY!
			
 
				-# 06/02/2018 02:05 PM
			
 
				+# 06/03/2018 08:54 AM
			
 
				 
			
 
				 app.html
			
 
				 index.html?offline=1
			
--- a/src/main/webapp/js/app.min.js
+++ b/src/main/webapp/js/app.min.js
--- a/src/main/webapp/js/atlas.min.js
+++ b/src/main/webapp/js/atlas.min.js
--- a/src/main/webapp/js/embed-static.min.js
+++ b/src/main/webapp/js/embed-static.min.js
--- a/src/main/webapp/js/reader.min.js
+++ b/src/main/webapp/js/reader.min.js
@@ -1 +1 @@
 				-8.7.3
 				+8.7.4