feature #19026 [Security] Strengthen comparison of target_url vs login_path (mrzard)
This PR was merged into the 3.3-dev branch.
Discussion
----------
[Security] Strengthen comparison of target_url vs login_path
| Q | A |
| --- | --- |
| Branch? | "master" |
| Bug fix? | no |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | #18862 |
| License | MIT |
| Doc PR | |
Commits
-------
ac9d75a09e
[Security] Strengthen comparison of target_url vs login_path
This commit is contained in:
commit
bafa8e29e0
@ -122,7 +122,7 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle
return $targetUrl;
}
if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && parse_url($targetUrl, PHP_URL_PATH) !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
return $targetUrl;
}
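Review bot: The new condition compares only the path component of the Referer, `parse_url($targetUrl, PHP_URL_PATH)`, against the full value returned by `generateUri()`, and those two are only comparable when `generateUri()` yields a bare path. `generateUri()` is not visible in this hunk, but as far as I recall HttpUtils turns a `login_path` beginning with `/` into an absolute URI via `Request::getUriForPath()`, so a Referer like `http://host/subfolder/login?t=1` reduces to `/subfolder/login`, never equals the absolute URI, and the login page is returned as the target — the opposite of what this check is for. Comparing like with like keeps the behaviour the PR wants while leaving the returned URL untouched: `$refererWithoutQuery = explode('?', $targetUrl, 2)[0];` and then `if ($refererWithoutQuery !== $this->httpUtils->generateUri($request, $this->options['login_path'])) { return $targetUrl; }`. Note also that `parse_url()` returns `false` for a seriously malformed Referer, which likewise compares unequal and lets the raw header value through. The enclosing method starts and ends outside the hunk.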
@ -139,7 +139,7 @@ class DefaultAuthenticationSuccessHandlerTest extends TestCase
$this->assertSame($response, $result);
}
public function testRefererHasToBeDifferentThatLoginUrl()
public function testRefererHasToBeDifferentThanLoginUrl()
{
$options = array('use_referer' => true);
@ -159,6 +159,26 @@ class DefaultAuthenticationSuccessHandlerTest extends TestCase
$this->assertSame($response, $result);
}
public function testRefererWithoutParametersHasToBeDifferentThanLoginUrl()
{
$options = array('use_referer' => true);
$this->request->headers->expects($this->any())
->method('get')->with('Referer')
->will($this->returnValue('/subfolder/login?t=1&p=2'));
$this->httpUtils->expects($this->once())
->method('generateUri')->with($this->request, '/login')
->will($this->returnValue('/subfolder/login'));
$response = $this->expectRedirectResponse('/');
$handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options);
$result = $handler->onAuthenticationSuccess($this->request, $this->token);
$this->assertSame($response, $result);
}
public function testRefererTargetPathIsIgnoredByDefault()
{
$this->request->headers->expects($this->never())->method('get');
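Review bot: The new test `testRefererWithoutParametersHasToBeDifferentThanLoginUrl` stubs `generateUri` to return the bare path `/subfolder/login` and feeds a bare-path Referer, so it passes whether or not the production `generateUri()` returns an absolute URI — it does not exercise the shape the handler sees from a real browser, where the Referer carries scheme and host. I would add a companion case with `->will($this->returnValue('http://localhost/subfolder/login?t=1&p=2'))` for the Referer and `->will($this->returnValue('http://localhost/subfolder/login'))` for `generateUri`, still expecting `$this->expectRedirectResponse('/')`; if `generateUri()` is absolute in production, that case documents the contract the path-only comparison in the handler has to satisfy. The rename in the earlier hunk is fine as is. `testRefererTargetPathIsIgnoredByDefault` at the end of this hunk continues outside it.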