mirror of https://we.phorge.it/source/phorge.git synced 2025-01-06 04:41:01 +01:00
phorge-phorge/src/applications/config/check
epriestley 1c32c9b965 Improve granularity and defaults of security.allow-outbound-http
Summary:
Ref T6755. This is a partial fix, but:

  - Allow netblocks to be blacklisted instead of making the feature all-or-nothing.
  - Default to disallow requests to all reserved private/local/special IP blocks. This should generally be a "safe" setting.
  - Explain the risks better.
  - Improve the errors raised by Macro when failing.
  - Removed `security.allow-outbound-http`, as it is superseded by this setting and is somewhat misleading.
    - We still make outbound HTTP requests to OAuth.
    - We still make outbound HTTP requests for repositories.

From a technical perspective:

  - Separate URIs that are safe to link to or redirect to (basically, not "javascript://") from URIs that are safe to fetch (nothing in a private block).
  - Add the default blacklist.
  - Be more careful with response data in Macro fetching, and don't let the user see it if it isn't ultimately valid.

Additionally:

  - I want to do this check before pulling repositories, but that's enough of a mess that it should go in a separate diff.
  - The future implementation of T4190 needs to perform the fetch check.

Test Plan:
  - Fetched a valid macro.
  - Fetched a non-image, verified it didn't result in a viewable file.
  - Fetched a private-ip-space image, got an error.
  - Fetched a 404, got a useful-enough error without additional revealing response content (which is usually HTML anyway and not useful).
  - Fetched a bad protocol, got an error.
  - Linked to a local resource, a phriction page, a valid remote site, all worked.
  - Linked to private IP space, which worked fine (we want to let you link and redirect to other private services, just not fetch them).
  - Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T6755

Differential Revision: https://secure.phabricator.com/D12136
2015-03-23 10:44:03 -07:00
PhabricatorAPCSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorAuthSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorBaseURISetupCheck.php Improve "Host" header check 2015-02-26 14:37:48 -08:00
PhabricatorBinariesSetupCheck.php Fix Mercurial command injection vulnerability 2015-03-20 09:26:32 -07:00
PhabricatorDaemonsSetupCheck.php Examine fewer daemons for variant config 2015-03-15 11:31:07 -07:00
PhabricatorDatabaseSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorElasticSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorExtensionsSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorExtraConfigSetupCheck.php Improve granularity and defaults of security.allow-outbound-http 2015-03-23 10:44:03 -07:00
PhabricatorFileinfoSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorGDSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorImagemagickSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorInvalidConfigSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorMailSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorMySQLSetupCheck.php Rewrite file documentation to be chunk-aware 2015-03-15 11:37:47 -07:00
PhabricatorPathSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorPHPConfigSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorPygmentSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorRepositoriesSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorSecuritySetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00
PhabricatorSetupCheck.php Show open setup issue keys in "title" attribute of setup issues warning 2015-02-11 13:00:59 -08:00
PhabricatorStorageSetupCheck.php Fix improper selection of the chunk engine as a writable engine 2015-03-18 19:06:39 -07:00
PhabricatorTimezoneSetupCheck.php Split Setup Issues into Groups 2015-02-10 12:53:00 -08:00