diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[HttpKernel] Fix the URI signer (closes #6801)

Browse Source
This commit is contained in:
Victor 2013-01-18 16:51:39 +01:00 committed by Fabien Potencier
parent 3848e84c24
commit 3fee9c0f80
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Symfony/Component/HttpKernel/UriSigner.php
View File

@ -58,14 +58,11 @@ class UriSigner
*/
public function check($uri)
{
if (!preg_match('/(\?|&)_hash=(.+?)$/', $uri, $matches, PREG_OFFSET_CAPTURE)) {
if (!preg_match('/(.*)(?:\?|&)_hash=(.+?)$/', $uri, $matches)) {
return false;
}
// the naked URI is the URI without the _hash parameter (we need to keep the ? if there is some other parameters after)
$nakedUri = substr($uri, 0, $matches[0][1]).substr($uri, $matches[0][1] + strlen($matches[0][0]));
return $this->computeHash($nakedUri) === $matches[2][0];
return $this->computeHash($matches[1]) === $matches[2];
}
private function computeHash($uri)