Commit 051442bc authored by Michael Gapczynski's avatar Michael Gapczynski

Sanitize redirect urls

parent 7dcf38c4
...@@ -115,6 +115,6 @@ elseif(OC_User::isLoggedIn()) { ...@@ -115,6 +115,6 @@ elseif(OC_User::isLoggedIn()) {
if(is_null(OC::$REQUESTEDFILE)){ if(is_null(OC::$REQUESTEDFILE)){
$sectoken=rand(1000000,9999999); $sectoken=rand(1000000,9999999);
$_SESSION['sectoken']=$sectoken; $_SESSION['sectoken']=$sectoken;
OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => isset($_REQUEST['redirect_url'])?strip_tags($_REQUEST['redirect_url']):'' )); OC_Template::printGuestPage('', 'login', array('error' => $error, 'sectoken' => $sectoken, 'redirect' => isset($_REQUEST['redirect_url'])?htmlentities($_REQUEST['redirect_url']):'' ));
} }
} }
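Review bot: htmlentities() on line 16 only changes how the value renders inside HTML; it is not a URL check, so an absolute `http://attacker.example/` passes through untouched and, via redirectToDefaultPage in the second file, still ends up in a Location header — the open redirect this commit is named for stays open. I would gate the value on being a path under this installation before handing it to the template, e.g. `'redirect' => (isset($_REQUEST['redirect_url']) && strpos($_REQUEST['redirect_url'], OC::$WEBROOT.'/') === 0 && strpos($_REQUEST['redirect_url'], '//') === false) ? htmlentities($_REQUEST['redirect_url']) : ''`, ideally through one helper shared with redirectToDefaultPage so both paths accept the same targets. Whether the HTML-encoding belongs here at all depends on the login template, which is not visible: if it escapes on output as well, a redirect containing `&` comes back double-encoded. The enclosing `elseif(OC_User::isLoggedIn())` block starts before this hunk. Unrelated to the change but visible on line 14, rand() is not a cryptographically secure source for a session security token.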
...@@ -312,7 +312,7 @@ class OC_Util { ...@@ -312,7 +312,7 @@ class OC_Util {
*/ */
public static function redirectToDefaultPage(){ public static function redirectToDefaultPage(){
if(isset($_REQUEST['redirect_url'])) { if(isset($_REQUEST['redirect_url'])) {
header( 'Location: '.$_REQUEST['redirect_url']); header( 'Location: '.htmlentities($_REQUEST['redirect_url']));
} else { } else {
header( 'Location: '.OC::$WEBROOT.'/'.OC_Appconfig::getValue('core', 'defaultpage', '?app=files')); header( 'Location: '.OC::$WEBROOT.'/'.OC_Appconfig::getValue('core', 'defaultpage', '?app=files'));
} }
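Review bot: htmlentities() on line 23 is an HTML escape applied to an HTTP header, which neither validates the target nor matches the context: `http://attacker.example/` contains no HTML-special characters and is sent as-is, so the open redirect remains, while a legitimate local target with a query string such as `?app=files&dir=x` is corrupted to `&amp;dir=x`. CRLF header injection is already refused by PHP's header() itself, so the encoding buys nothing there either. What is needed is an allow-list: follow the value only when it starts with OC::$WEBROOT plus a single slash and contains no `//` or backslash (rejecting absolute, scheme-relative `//host` and `/\host` forms), and otherwise fall through to the existing default-page branch, which the rewrite below leaves unchanged.
```php
public static function redirectToDefaultPage(){
    $target = isset($_REQUEST['redirect_url']) ? $_REQUEST['redirect_url'] : '';
    // Only follow a path on this installation: it must begin with our webroot
    // and a single '/', and may not contain '//' or '\' (browsers treat
    // '//host' and '/\host' as URLs to another origin).
    $isLocal = strpos($target, OC::$WEBROOT.'/') === 0
        && strpos($target, '//') === false
        && strpos($target, '\\') === false;
    if ($isLocal) {
        header('Location: '.$target);
    } else {
        // … unchanged: redirect to the configured default page …
    }
}
```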