1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
<?php
/**
*
* This file is part of the phpBB Forum Software package.
*
* @copyright (c) phpBB Limited <https://www.phpbb.com>
* @license GNU General Public License, version 2 (GPL-2.0)
*
* For full copyright and license information, please see
* the docs/CREDITS.txt file.
*
*/
require_once dirname(__FILE__) . '/base.php';
require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
class phpbb_security_redirect_test extends phpbb_security_test_base
{
protected $path_helper;
public function provider()
{
// array(Input -> redirect(), expected triggered error (else false), expected returned result url (else false))
return array(
array('data://x', false, false, 'http://localhost/phpBB'),
array('bad://localhost/phpBB/index.php', false, 'INSECURE_REDIRECT', false),
array('http://www.otherdomain.com/somescript.php', false, false, 'http://localhost/phpBB'),
array("http://localhost/phpBB/memberlist.php\n\rConnection: close", false, 'INSECURE_REDIRECT', false),
array('javascript:test', false, false, 'http://localhost/phpBB/javascript:test'),
array('http://localhost/phpBB/index.php;url=', false, 'INSECURE_REDIRECT', false),
array('http://localhost/phpBB/app.php/foobar', false, false, 'http://localhost/phpBB/app.php/foobar'),
array('./app.php/foobar', false, false, 'http://localhost/phpBB/app.php/foobar'),
array('app.php/foobar', false, false, 'http://localhost/phpBB/app.php/foobar'),
array('./../app.php/foobar', false, false, 'http://localhost/app.php/foobar'),
array('./../app.php/foobar', true, false, 'http://localhost/app.php/foobar'),
array('./../app.php/foo/bar', false, false, 'http://localhost/app.php/foo/bar'),
array('./../app.php/foo/bar', true, false, 'http://localhost/app.php/foo/bar'),
array('./../foo/bar', false, false, 'http://localhost/foo/bar'),
array('./../foo/bar', true, false, 'http://localhost/foo/bar'),
array('app.php/', false, false, 'http://localhost/phpBB/app.php/'),
array('app.php/a', false, false, 'http://localhost/phpBB/app.php/a'),
array('app.php/a/b', false, false, 'http://localhost/phpBB/app.php/a/b'),
array('./app.php/', false, false, 'http://localhost/phpBB/app.php/'),
array('foobar', false, false, 'http://localhost/phpBB/foobar'),
array('./foobar', false, false, 'http://localhost/phpBB/foobar'),
array('foo/bar', false, false, 'http://localhost/phpBB/foo/bar'),
array('./foo/bar', false, false, 'http://localhost/phpBB/foo/bar'),
array('./../index.php', false, false, 'http://localhost/index.php'),
array('./../index.php', true, false, 'http://localhost/index.php'),
array('../index.php', false, false, 'http://localhost/index.php'),
array('../index.php', true, false, 'http://localhost/index.php'),
array('./index.php', false, false, 'http://localhost/phpBB/index.php'),
);
}
protected function get_path_helper()
{
if (!($this->path_helper instanceof \phpbb\path_helper))
{
$this->path_helper = new \phpbb\path_helper(
new \phpbb\symfony_request(
new phpbb_mock_request()
),
new \phpbb\filesystem(),
$this->getMock('\phpbb\request\request'),
$this->phpbb_root_path,
'php'
);
}
return $this->path_helper;
}
protected function setUp()
{
parent::setUp();
$GLOBALS['config'] = array(
'force_server_vars' => '0',
);
$this->path_helper = $this->get_path_helper();
}
/**
* @dataProvider provider
*/
public function test_redirect($test, $disable_cd_check, $expected_error, $expected_result)
{
global $user, $phpbb_root_path, $phpbb_path_helper;
$phpbb_path_helper = $this->path_helper;
$temp_phpbb_root_path = $phpbb_root_path;
$temp_page_dir = $user->page['page_dir'];
// We need to hack phpbb_root_path and the user's page_dir here
// so it matches the actual fileinfo of the testing script.
// Otherwise the paths are returned incorrectly.
$phpbb_root_path = '';
$user->page['page_dir'] = '';
if ($expected_error !== false)
{
$this->setExpectedTriggerError(E_USER_ERROR, $expected_error);
}
$result = redirect($test, true, $disable_cd_check);
// only verify result if we did not expect an error
if ($expected_error === false)
{
$this->assertEquals($expected_result, $result);
}
$phpbb_root_path = $temp_phpbb_root_path;
$user->page['page_dir'] = $temp_page_dir;
}
}
|