check for valid referer uri when logging in

This commit is contained in:
Uwe Steinmann 2026-04-20 16:23:04 +02:00
parent 8cc8e74fa1
commit 378a960b82
2 changed files with 6 additions and 5 deletions


@ -4,6 +4,7 @@
- output and check for reasonable values of upload_max_filesize, post_max_size and memory_limit
- remove null bytes from login
- remove null bytes from password when authenticating by ldap
- check for valid referer uri when logging in
--------------------------------------------------------------------------------
Changes in version 5.1.46


@ -71,15 +71,15 @@ if(isset($_REQUEST["lang"]) && strlen($_REQUEST["lang"])>0 && is_numeric(array_s
$session = new Session($db);
// TODO: by the PHP manual: The superglobals $_GET and $_REQUEST are already decoded.
// Using urldecode() on an element in $_GET or $_REQUEST could have unexpected and dangerous results.
$referuri = '';
if (isset($_POST["referuri"]) && strlen($_POST["referuri"])>0) {
$referuri = trim(urldecode($_POST["referuri"]));
$referuri = trim($_POST["referuri"]);
}
else if (isset($_GET["referuri"]) && strlen($_GET["referuri"])>0) {
$referuri = trim(urldecode($_GET["referuri"]));
$referuri = trim($_GET["referuri"]);
}
if ($referuri !== '' && !preg_match('#^/[A-Za-z0-9/_\-.?=&]*$#', $referuri)) {
$referuri = '';
}
add_log_line();
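Review bot: The new allow-list on the preg_match line still accepts a protocol-relative value such as `//host/path`, because `/` is in the character class and nothing forbids a second slash right after the mandatory leading one; if `$referuri` later ends up in a `Location:` header (not visible in this hunk), that remains an off-site redirect. A negative lookahead closes it: `if ($referuri !== '' && !preg_match('#^/(?!/)[A-Za-z0-9/_\-.?=&]*$#', $referuri)) {`. The `strlen()` guards above also pass a non-string (e.g. a `referuri[]=` query) straight into `trim()` and `preg_match()`, which throw a TypeError on PHP 8, so an `is_string()` check in both conditions would be cheaper than the exception. The TODO comment about urldecode() now describes code the commit removed and could be shortened to `// referuri is used verbatim: $_GET/$_POST are already decoded by PHP`. This is top-level script code, so the surrounding flow continues outside the hunk.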