diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2015-04-10 18:02:58 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2015-04-10 18:10:32 +0200 |
| commit | eed355b798ec77ed8b67555087fc5866b522c5fc (patch) | |
| tree | 83b183d86c1c6b6d8d91319a07b4b5a83c40ad40 | |
| parent | 35d2467c94e8bb4b7c9c4919d5c6a3c98e0c85ed (diff) | |
| download | forums-eed355b798ec77ed8b67555087fc5866b522c5fc.tar forums-eed355b798ec77ed8b67555087fc5866b522c5fc.tar.gz forums-eed355b798ec77ed8b67555087fc5866b522c5fc.tar.bz2 forums-eed355b798ec77ed8b67555087fc5866b522c5fc.tar.xz forums-eed355b798ec77ed8b67555087fc5866b522c5fc.zip | |
[ticket/security-180] Check if redirect URL contains board URL
SECURITY-180
| -rw-r--r-- | phpBB/includes/functions.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index f0657b9016..f79a0a9e52 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2579,6 +2579,12 @@ function redirect($url, $return = false, $disable_cd_check = false) } } + // Make sure we don't redirect to external URLs + if (!$disable_cd_check && strpos($url, generate_board_url(true)) !== 0) + { + trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR); + } + // Make sure no linebreaks are there... to prevent http response splitting for PHP < 4.4.2 if (strpos(urldecode($url), "\n") !== false || strpos(urldecode($url), "\r") !== false || strpos($url, ';') !== false) { |