From 87fb228b0a36a68da0d55e537066ef62853bfb17 Mon Sep 17 00:00:00 2001
From: andrew
Date: Fri, 27 Feb 2004 13:45:37 +0000
Subject: [PATCH] Type: Functionality change Description: Includes XSS attack prevention. Behaviour before fix: XSS attack could be performed on login.php. Behaviour after fix: XSS attacks seem unsuccessful after patch. Credit: Thanks to Jonathan E. Hawkins for pointing out this bug.
---
 presentation/login.php | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/presentation/login.php b/presentation/login.php
index f4bcc13..3d16588 100644
--- a/presentation/login.php
+++ b/presentation/login.php
@@ -2,6 +2,7 @@
 // main library routines and defaults
 require_once("../config/dmsDefaults.php");
+require_once("../lib/sanitize.inc");
 /**
 * $Id$
 *
@@ -69,7 +70,7 @@ if ($loginAction == "loginForm") {
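Review bot: The new `require_once("../lib/sanitize.inc");` brings the helper in from a file with a `.inc` extension; unless the web server is configured to hand `.inc` files to PHP, a direct request for that file returns its source as plain text, which is why such helpers are conventionally given a `.php` extension or kept outside the document root. Whether that applies here depends on server configuration that this patch does not show. The relative path is resolved against the process's working directory, but that matches the existing `dmsDefaults.php` include on the line above, so it is consistent with the file's convention rather than a new problem.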
Please enter your details below to login - " . urldecode($errorMessage) . " + " . sanitize($errorMessage) . " \tUsername: \t \tPassword:
@@ -111,7 +112,7 @@ if ($loginAction == "loginForm") {
 // check for a location to forward to
 if (isset($redirect) && strlen(trim($redirect))>0) {
- $redirect = urldecode($redirect);
+ $redirect = sanitize($redirect);
 // remove any params from redirect before looking up from sitemap
 if (strstr($redirect, "?")) {
 $queryString = substr($redirect, strpos($redirect, "?")+1, strlen($redirect));
@@ -162,4 +163,4 @@ if ($loginAction == "loginForm") {
 // redirect to root
 redirect($default->rootUrl);
 }
-?>
\ No newline at end of file
+?>
--
libgit2 0.21.4
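Review bot: The value of `sanitize($errorMessage)` is written straight into the login page markup, but the contract of `sanitize()` lives in `../lib/sanitize.inc` and is not visible in this patch, so the hunk alone cannot show that the message is HTML-escaped for the context it lands in; the commit message's "seem unsuccessful" reads as an empirical test rather than a check of what the helper does. The old line also URL-decoded the message before printing and the new one does not, so unless `sanitize()` decodes as well, messages that arrive percent-encoded will now be displayed with their escapes intact. The defensive form is to escape at the point of output independently of the helper, `" . htmlspecialchars($errorMessage, ENT_QUOTES) . "`, and if decoding is still wanted, decode first and escape last: `" . htmlspecialchars(urldecode($errorMessage), ENT_QUOTES) . "`. The enclosing `if ($loginAction == "loginForm")` block begins before this hunk, and where `$errorMessage` is assigned is not shown.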
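Review bot: `$redirect = sanitize($redirect);` applies what appears to be an output-escaping helper to a value that the following lines parse for a query string and look up from the sitemap; the remainder of that branch is outside the hunk, so how `$redirect` is finally used cannot be confirmed here. If it ends up as a forwarding target, escaping is the wrong tool: it does not prevent the page from forwarding to a caller-supplied destination, and it can corrupt legitimate targets whose query string contains `&` or quotes. What a redirect parameter needs is validation rather than transformation — accept only values that resolve through the sitemap lookup, or only site-relative paths, and pass the accepted value on unescaped. A short comment above the check recording that decision, for example `// redirect targets are validated against the sitemap, not escaped`, would keep a later maintainer from treating `sanitize()` as sufficient here.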