/[smeserver]/rpms/e-smith-manager/sme8/e-smith-manager-2.2.0-bz9923-badredirection.patch

Diff of /rpms/e-smith-manager/sme8/e-smith-manager-2.2.0-bz9923-badredirection.patch


Revision 1.1 by unnilennium, Mon Jan 16 23:48:53 2017 UTC Revision 1.2 by unnilennium, Thu Jan 19 23:40:56 2017 UTC
# Line 1  Line 1 
 diff -Nur e-smith-manager-2.2.0.old/root/etc/e-smith/web/common/cgi-bin/login e-smith-manager-2.2.0/root/etc/e-smith/web/common/cgi-bin/login  
1  --- e-smith-manager-2.2.0.old/root/etc/e-smith/web/common/cgi-bin/login 2014-02-18 01:29:31.000000000 -0500  --- e-smith-manager-2.2.0.old/root/etc/e-smith/web/common/cgi-bin/login 2014-02-18 01:29:31.000000000 -0500
2  +++ e-smith-manager-2.2.0/root/etc/e-smith/web/common/cgi-bin/login     2017-01-16 18:46:16.332000000 -0500  +++ e-smith-manager-2.2.0/root/etc/e-smith/web/common/cgi-bin/login     2017-01-19 18:39:17.951000000 -0500
3  @@ -161,8 +161,7 @@  @@ -130,6 +130,13 @@
4     # If $back domain doesn't match $AUTH_DOMAIN, pass ticket via back GET param   my $ip_addr = $at->ignore_ip ? undef : $ENV{REMOTE_ADDR};
5     my $domain = $AUTH_DOMAIN || $server_name;   my $redirected = 0;
6     if ($b->host !~ m/\b$domain$/i) {  
7  -    $back .= $b->query ? '&' : '?';  +my $b = URI->new($back);
8  -    $back .= $at->cookie_name . '=' . $tkt;  +# If $back domain doesn't match $AUTH_DOMAIN, stop there do not give opportunity to log in
9    +my $domain = $AUTH_DOMAIN || $server_name;
10    +if ($b->host !~ m/\b$domain$/i) {
11  +    $fatal="Bad redirection parameter: \"$back\" is not an authorized redirection.<br />\nYou may be experiencing an attack.<br />\nLogin is not possible on the above URL for your own security.<br />\nPlease manually enter the address you were trying to reach if you followed a link.";  +    $fatal="Bad redirection parameter: \"$back\" is not an authorized redirection.<br />\nYou may be experiencing an attack.<br />\nLogin is not possible on the above URL for your own security.<br />\nPlease manually enter the address you were trying to reach if you followed a link.";
12     }  +  }
13    +
14     # ------------------------------------------------------------------------
15     # Set the auth cookie and redirect to $back
16     my $set_cookie_redirect = sub {
17    @@ -157,14 +164,6 @@
18       print $q->header( -cookie => $cookie );
19     #return 0 if $debug;
20    
21    -  my $b = URI->new($back);
22    -  # If $back domain doesn't match $AUTH_DOMAIN, pass ticket via back GET param
23    -  my $domain = $AUTH_DOMAIN || $server_name;
24    -  if ($b->host !~ m/\b$domain$/i) {
25    -    $back .= $b->query ? '&' : '?';
26    -    $back .= $at->cookie_name . '=' . $tkt;
27    -  }
28    -
29     # For some reason, using a Location: header doesn't seem to then see the     # For some reason, using a Location: header doesn't seem to then see the
30       #   cookie, but a meta refresh one does - weird
31       print $q->start_html(
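Review bot: The host check added at `if ($b->host !~ m/\b$domain$/i)` interpolates `$domain` into the pattern unescaped, so each dot in the configured domain matches any character and `\b` also accepts a hyphen-separated prefix, which makes the "authorized redirection" test looser than intended; anchoring it as `m/(?:\A|\.)\Q$domain\E\z/i` ties the match to the configured domain and its subdomains only. The `$fatal` assignment also embeds the caller-supplied `$back` verbatim inside HTML markup; if `$fatal` is later rendered as HTML (that code is outside this hunk), it should be built from `$q->escapeHTML($back)` instead. If `$back` can be a relative path, `$b->host` is undef and the new early check blocks the login outright where the old code merely appended the ticket, so that case is worth confirming against the callers. The enclosing CGI script begins and ends outside the hunk.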


