mirror of https://we.phorge.it/source/phorge.git synced 2024-11-13 10:22:42 +01:00
phorge-phorge/src/applications/phortune
epriestley df361470c1 Be more strict about "Location:" redirects
Summary:
Via HackerOne. Chrome (at least) interprets backslashes like forward slashes, so a redirect to "/\evil.com" is the same as a redirect to "//evil.com".

  - Reject local URIs with backslashes (we never generate these).
  - Fully-qualify all "Location:" redirects.
  - Require external redirects to be marked explicitly.

Test Plan:
  - Expanded existing test coverage.
  - Verified that neither Diffusion nor Phriction can generate URIs with backslashes (they are escaped in Diffusion, and removed by slugging in Phriction).
  - Logged in with Facebook (OAuth2 submits a form to the external site, and isn't affected) and Twitter (OAuth1 redirects, and is affected).
  - Went through some local redirects (login, save-an-object).
  - Verified files still work.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D10291
2014-08-18 14:11:06 -07:00
application Provide a purchase detail view in Phortune 2014-08-18 13:15:21 -07:00
constants General cleanup for adding payment methods in Phortune 2013-04-25 09:49:32 -07:00
control Convert AphrontFormControl to safe HTML 2013-02-05 15:52:46 -08:00
controller Provide a purchase detail view in Phortune 2014-08-18 13:15:21 -07:00
currency Phortune Charges 2014-07-23 10:36:12 -07:00
editor Modularize mail tags 2014-08-12 12:28:41 -07:00
exception Implement Balanced Payments as a PhortunePaymentProvider 2013-04-25 09:48:04 -07:00
option Change double quotes to single quotes. 2014-06-09 11:36:50 -07:00
provider Be more strict about "Location:" redirects 2014-08-18 14:11:06 -07:00
query Provide a purchase detail view in Phortune 2014-08-18 13:15:21 -07:00
storage Provide a purchase detail view in Phortune 2014-08-18 13:15:21 -07:00
view General cleanup for adding payment methods in Phortune 2013-04-25 09:49:32 -07:00