Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/clinic.corals.io/app/Http/Middleware/ |
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Mews\Purifier\Facades\Purifier;
/**
* Class XSS
*/
class XSS
{
/**
* @param Request $request
*
* @param Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($request->route()->getName() == 'cms.update') {
return $next($request);
}
$input = $request->all();
array_walk_recursive($input, function (&$input) {
$input = (is_null($input)) ? null : Purifier::clean(html_entity_decode($input));
});
$request->merge($input);
return $next($request);
}
}