diff options
| -rw-r--r-- | phpBB/phpbb/session.php | 6 | ||||
| -rw-r--r-- | phpBB/phpbb/symfony_request.php | 10 | ||||
| -rw-r--r-- | tests/functions/build_url_test.php | 6 | ||||
| -rw-r--r-- | tests/security/extract_current_page_test.php | 28 |
4 files changed, 12 insertions, 38 deletions
diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index a06ff9c594..14b4c63207 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -43,7 +43,7 @@ class session // First of all, get the request uri... $script_name = $symfony_request->getScriptName(); - $args = explode('&', $symfony_request->getQueryString()); + $args = explode('&', $symfony_request->getQueryString()); // If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support... if (!$script_name) @@ -61,8 +61,8 @@ class session // Since some browser do not encode correctly we need to do this with some "special" characters... // " -> %22, ' => %27, < -> %3C, > -> %3E - $find = array('"', "'", '<', '>', '"', '<', '>'); - $replace = array('%22', '%27', '%3C', '%3E', '%22', '%3C', '%3E'); + $find = array('"', "'", '<', '>'); + $replace = array('%22', '%27', '%3C', '%3E'); foreach ($args as $key => $argument) { diff --git a/phpBB/phpbb/symfony_request.php b/phpBB/phpbb/symfony_request.php index 02d22c480f..ad949a35f2 100644 --- a/phpBB/phpbb/symfony_request.php +++ b/phpBB/phpbb/symfony_request.php @@ -30,12 +30,6 @@ class symfony_request extends Request $type_cast_helper->set_var($value, $value, gettype($value), true); }; - // This function is meant for additional handling of server variables - $server_sanitizer = function(&$value, $key) use ($sanitizer) { - $sanitizer($value, $key); - $value = str_replace('&', '&', $value); - }; - $get_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::GET); $post_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::POST); $server_parameters = $phpbb_request->get_super_global(\phpbb\request\request_interface::SERVER); @@ -44,12 +38,10 @@ class symfony_request extends Request array_walk_recursive($get_parameters, $sanitizer); array_walk_recursive($post_parameters, $sanitizer); + array_walk_recursive($server_parameters, $sanitizer); array_walk_recursive($files_parameters, $sanitizer); array_walk_recursive($cookie_parameters, $sanitizer); - // Run special sanitizer for server superglobal - array_walk_recursive($server_parameters, $server_sanitizer); - parent::__construct($get_parameters, $post_parameters, array(), $cookie_parameters, $files_parameters, $server_parameters); } } diff --git a/tests/functions/build_url_test.php b/tests/functions/build_url_test.php index 5cfd1300de..06415a424e 100644 --- a/tests/functions/build_url_test.php +++ b/tests/functions/build_url_test.php @@ -69,11 +69,6 @@ class phpbb_build_url_test extends phpbb_test_case array('f', 'style', 't'), 'http://test.phpbb.com/viewtopic.php?', ), - array( - 'posting.php?f=2&mode=delete&p=20%22%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E', - false, - 'phpBB/posting.php?f=2&mode=delete&p=20%22%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E', - ) ); } @@ -85,7 +80,6 @@ class phpbb_build_url_test extends phpbb_test_case global $user, $phpbb_root_path; $user->page['page'] = $page; - $output = build_url($strip_vars); $this->assertEquals($expected, $output); diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php index c127b69b2b..58dea68dc8 100644 --- a/tests/security/extract_current_page_test.php +++ b/tests/security/extract_current_page_test.php @@ -37,16 +37,16 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base )); $symfony_request->expects($this->any()) ->method('getScriptName') - ->will($this->returnValue($this->sanitizer($url))); + ->will($this->returnValue($url)); $symfony_request->expects($this->any()) ->method('getQueryString') - ->will($this->returnValue($this->sanitizer($query_string))); + ->will($this->returnValue($query_string)); $symfony_request->expects($this->any()) ->method('getBasePath') ->will($this->returnValue($server['REQUEST_URI'])); - $symfony_request->expects($this->sanitizer($this->any())) + $symfony_request->expects($this->any()) ->method('getPathInfo') - ->will($this->returnValue($this->sanitizer('/'))); + ->will($this->returnValue('/')); $result = \phpbb\session::extract_current_page('./'); $label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.'; @@ -65,32 +65,20 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base )); $symfony_request->expects($this->any()) ->method('getScriptName') - ->will($this->returnValue($this->sanitizer($url))); + ->will($this->returnValue($url)); $symfony_request->expects($this->any()) ->method('getQueryString') - ->will($this->returnValue($this->sanitizer($query_string))); + ->will($this->returnValue($query_string)); $symfony_request->expects($this->any()) ->method('getBasePath') - ->will($this->returnValue($this->sanitizer($server['REQUEST_URI']))); + ->will($this->returnValue($server['REQUEST_URI'])); $symfony_request->expects($this->any()) ->method('getPathInfo') - ->will($this->returnValue($this->sanitizer('/'))); + ->will($this->returnValue('/')); $result = \phpbb\session::extract_current_page('./'); $label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.'; $this->assertEquals($expected, $result['query_string'], $label); } - - protected function sanitizer($value) - { - // Fix for objects passed in phpunit - if (is_object($value)) - { - return $value; - } - $type_cast_helper = new \phpbb\request\type_cast_helper(); - $type_cast_helper->set_var($value, $value, gettype($value), true); - return str_replace('&', '&', $value); - } } |