diff -Nur e-smith-manager-2.6.0.old/root/etc/e-smith/web/common/cgi-bin/login e-smith-manager-2.6.0/root/etc/e-smith/web/common/cgi-bin/login |
diff -Nur e-smith-manager-2.6.0.old/root/etc/e-smith/web/common/cgi-bin/login e-smith-manager-2.6.0/root/etc/e-smith/web/common/cgi-bin/login |
2 |
--- e-smith-manager-2.6.0.old/root/etc/e-smith/web/common/cgi-bin/login 2017-01-16 18:17:33.780000000 -0500 |
--- e-smith-manager-2.6.0.old/root/etc/e-smith/web/common/cgi-bin/login 2017-01-19 16:44:33.747000000 -0500 |
3 |
+++ e-smith-manager-2.6.0/root/etc/e-smith/web/common/cgi-bin/login 2017-01-16 18:59:16.748000000 -0500 |
+++ e-smith-manager-2.6.0/root/etc/e-smith/web/common/cgi-bin/login 2017-01-19 16:53:20.795000000 -0500 |
4 |
@@ -160,8 +160,7 @@ |
@@ -129,6 +129,13 @@ |
5 |
# If $back domain doesn't match $AUTH_DOMAIN, pass ticket via back GET param |
my $ip_addr = $at->ignore_ip ? undef : $ENV{REMOTE_ADDR}; |
6 |
my $domain = $AUTH_DOMAIN || $server_name; |
my $redirected = 0; |
7 |
if ($b->host !~ m/\b$domain$/i) { |
|
8 |
- $back .= $b->query ? '&' : '?'; |
+my $b = URI->new($back); |
9 |
- $back .= $at->cookie_name . '=' . $tkt; |
+# If $back domain doesn't match $AUTH_DOMAIN, stop there do not give opportunity to log in |
10 |
|
+my $domain = $AUTH_DOMAIN || $server_name; |
11 |
|
+if ($b->host !~ m/\b$domain$/i) { |
12 |
+ $fatal="Bad redirection parameter: \"$back\" is not an authorized redirection.<br />\nYou may be experiencing an attack.<br />\nLogin is not possible on the above URL for your own security.<br />\nPlease manually enter the address you were trying to reach if you followed a link."; |
+ $fatal="Bad redirection parameter: \"$back\" is not an authorized redirection.<br />\nYou may be experiencing an attack.<br />\nLogin is not possible on the above URL for your own security.<br />\nPlease manually enter the address you were trying to reach if you followed a link."; |
13 |
} |
+ } |
14 |
|
+ |
15 |
|
# ------------------------------------------------------------------------ |
16 |
|
# Set the auth cookie and redirect to $back |
17 |
|
my $set_cookie_redirect = sub { |
18 |
|
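Review bot: The new rejection branch, `$fatal="Bad redirection parameter: \"$back\" ..."`, interpolates the caller-supplied `$back` into a message that already contains `<br />` markup, so wherever `$fatal` is rendered as HTML (its consumer is outside this hunk) the unvalidated redirect value is reflected unescaped; escape it first, e.g. `my $safe_back = $q->escapeHTML($back);` and use `$safe_back` in the message. The host test on the preceding line, `if ($b->host !~ m/\b$domain$/i) {`, interpolates `$domain` as a pattern rather than a literal and anchors with `$` (which still accepts a trailing newline) and `\b` (which also accepts any host that merely ends in `-DOMAIN`, since `-` is a word boundary); `if ($b->host !~ m/(?:\A|\.)\Q$domain\E\z/i) {` accepts only the domain itself or a subdomain of it. `URI->host` is only provided for hierarchical schemes, so a non-URL `back` value is likely to die on that line instead of setting `$fatal` — worth a defined-check on `$b->can('host')` unless that is already guarded upstream. `my $b` also shadows `sort`'s package `$b`; a name such as `$back_uri` avoids the surprise.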
@@ -156,14 +163,6 @@ |
19 |
|
print $q->header( -cookie => $cookie ); |
20 |
|
#return 0 if $debug; |
21 |
|
|
22 |
|
- my $b = URI->new($back); |
23 |
|
- # If $back domain doesn't match $AUTH_DOMAIN, pass ticket via back GET param |
24 |
|
- my $domain = $AUTH_DOMAIN || $server_name; |
25 |
|
- if ($b->host !~ m/\b$domain$/i) { |
26 |
|
- $back .= $b->query ? '&' : '?'; |
27 |
|
- $back .= $at->cookie_name . '=' . $tkt; |
28 |
|
- } |
29 |
|
- |
30 |
# For some reason, using a Location: header doesn't seem to then see the |
# For some reason, using a Location: header doesn't seem to then see the |
31 |
|
# cookie, but a meta refresh one does - weird |
32 |
|
print $q->start_html( |