Fixing @ in POST parameters which could cause sending file from filesystem as POST data.

This commit is contained in:
Alexey Skobkin 2017-01-06 00:13:50 +03:00
parent d9082a3a71
commit b712307782

View file

@ -79,6 +79,11 @@ class AbstractApi
*/
public function sendPostRequest($path, array $parameters = [])
{
// Cleaning POST parameters from potential @file injections
array_walk($parameters, function (string &$value, string $key) {
str_replace('@', '', $value);
});
/** @var GuzzleRequest $request */
$request = $this->client->post($path, null, $parameters);