diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2015-04-11 16:41:20 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2015-04-11 16:41:20 +0200 |
| commit | bca1b96b2e9235bbb4a3e7a104dd79e7f3761679 (patch) | |
| tree | 64617560c2d7fcfe41b61b0cf90655662d49e83b | |
| parent | eed355b798ec77ed8b67555087fc5866b522c5fc (diff) | |
| download | forums-bca1b96b2e9235bbb4a3e7a104dd79e7f3761679.tar forums-bca1b96b2e9235bbb4a3e7a104dd79e7f3761679.tar.gz forums-bca1b96b2e9235bbb4a3e7a104dd79e7f3761679.tar.bz2 forums-bca1b96b2e9235bbb4a3e7a104dd79e7f3761679.tar.xz forums-bca1b96b2e9235bbb4a3e7a104dd79e7f3761679.zip | |
[ticket/security-180] Make sure that redirect goes to full URL plus slash
SECURITY-180
| -rw-r--r-- | phpBB/includes/functions.php | 2 | ||||
| -rw-r--r-- | tests/security/redirect_test.php | 3 |
2 files changed, 4 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index f79a0a9e52..a6a98954de 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2580,7 +2580,7 @@ function redirect($url, $return = false, $disable_cd_check = false) } // Make sure we don't redirect to external URLs - if (!$disable_cd_check && strpos($url, generate_board_url(true)) !== 0) + if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0) { trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR); } diff --git a/tests/security/redirect_test.php b/tests/security/redirect_test.php index 872a331dc7..46ec5c8edb 100644 --- a/tests/security/redirect_test.php +++ b/tests/security/redirect_test.php @@ -24,6 +24,9 @@ class phpbb_security_redirect_test extends phpbb_security_test_base array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false), array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'), array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false), + array('https://foobar.com\@http://localhost/phpBB', false, 'http://localhost/phpBB'), + array('https://foobar.com\@localhost/troll/http://localhost/', 'Tried to redirect to potentially insecure url.', false), + array('http://localhost.foobar.com\@localhost/troll/http://localhost/', 'Tried to redirect to potentially insecure url.', false), ); } |