From dbced6ac8c122280966e807ad93ba63d4798f8bc Mon Sep 17 00:00:00 2001 From: Stephen Rees-Carter Date: Tue, 16 Aug 2022 01:19:56 +1000 Subject: [PATCH] Add ValidateSignature middleware for ignore params (#5942) * Add ValidateSignature middleware for ignore params * Comment out query parameters by default * Remove leading slash * Update Kernel ValidateSignature middleware path --- app/Http/Kernel.php | 2 +- app/Http/Middleware/ValidateSignature.php | 22 ++++++++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 app/Http/Middleware/ValidateSignature.php diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index c3be2544b..007968811 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -60,7 +60,7 @@ class Kernel extends HttpKernel 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, - 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, + 'signed' => \App\Http\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, ]; diff --git a/app/Http/Middleware/ValidateSignature.php b/app/Http/Middleware/ValidateSignature.php new file mode 100644 index 000000000..2233b20f2 --- /dev/null +++ b/app/Http/Middleware/ValidateSignature.php @@ -0,0 +1,22 @@ + + */ + protected $ignore = [ + //'utm_campaign', + //'utm_source', + //'utm_medium', + //'utm_content', + //'utm_term', + //'fbclid', + ]; +}