aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--phpBB/includes/functions.php2
-rw-r--r--tests/security/redirect_test.php3
2 files changed, 4 insertions, 1 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index f79a0a9e52..a6a98954de 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -2580,7 +2580,7 @@ function redirect($url, $return = false, $disable_cd_check = false)
}
// Make sure we don't redirect to external URLs
- if (!$disable_cd_check && strpos($url, generate_board_url(true)) !== 0)
+ if (!$disable_cd_check && strpos($url, generate_board_url(true) . '/') !== 0)
{
trigger_error('Tried to redirect to potentially insecure url.', E_USER_ERROR);
}
diff --git a/tests/security/redirect_test.php b/tests/security/redirect_test.php
index 872a331dc7..46ec5c8edb 100644
--- a/tests/security/redirect_test.php
+++ b/tests/security/redirect_test.php
@@ -24,6 +24,9 @@ class phpbb_security_redirect_test extends phpbb_security_test_base
array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'Tried to redirect to potentially insecure url.', false),
array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'),
array('http://localhost/phpBB/index.php;url=', 'Tried to redirect to potentially insecure url.', false),
+ array('https://foobar.com\@http://localhost/phpBB', false, 'http://localhost/phpBB'),
+ array('https://foobar.com\@localhost/troll/http://localhost/', 'Tried to redirect to potentially insecure url.', false),
+ array('http://localhost.foobar.com\@localhost/troll/http://localhost/', 'Tried to redirect to potentially insecure url.', false),
);
}
generated by cgit v1.2.1 (git 2.21.0) at 2024-06-25 03:27:26 +0000