comparison core/lib/Drupal/Core/Security/RequestSanitizer.php @ 17:129ea1e6d783
Update, including to Drupal core 8.6.10
author | Chris Cannam |
---|---|
date | Thu, 28 Feb 2019 13:21:36 +0000 |
parents | c2387f117808 |
children |
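--- a/core/lib/Drupal/Core/Security/RequestSanitizer.php
+++ b/core/lib/Drupal/Core/Security/RequestSanitizer.php
@@ -88,19 +88,30 @@
 trigger_error(sprintf($message, implode(', ', $sanitized_keys)));
 }
 }
 
 if ($bag->has('destination')) {
-$destination_dangerous_keys = static::checkDestination($bag->get('destination'), $whitelist);
+$destination = $bag->get('destination');
+$destination_dangerous_keys = static::checkDestination($destination, $whitelist);
 if (!empty($destination_dangerous_keys)) {
 // The destination is removed rather than sanitized because the URL
 // generator service is not available and this method is called very
 // early in the bootstrap.
 $bag->remove('destination');
 $sanitized = TRUE;
 if ($log_sanitized_keys) {
 trigger_error(sprintf('Potentially unsafe destination removed from %s parameter bag because it contained the following keys: %s', $bag_name, implode(', ', $destination_dangerous_keys)));
+}
+}
+// Sanitize the destination parameter (which is often used for redirects)
+// to prevent open redirect attacks leading to other domains.
+if (UrlHelper::isExternal($destination)) {
+// The destination is removed because it is an external URL.
+$bag->remove('destination');
+$sanitized = TRUE;
+if ($log_sanitized_keys) {
+trigger_error(sprintf('Potentially unsafe destination removed from %s parameter bag because it points to an external URL.', $bag_name));
 }
 }
 }
 return $sanitized;
 }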
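Review bot: The external-URL check on new lines 105–112 is not exclusive with the dangerous-keys check above it, so a destination that both contains a blacklisted key and points off-site is removed twice and logged twice, with the second notice computed from the stale local `$destination` after the bag entry is already gone. Changing new line 107 to `elseif (UrlHelper::isExternal($destination)) {` keeps the same removal outcome while emitting one notice per request. It may also be worth a test asserting that protocol-relative values such as `//host/path` are rejected by this branch, if `UrlHelper::isExternal()` does not already treat them as external — that cannot be confirmed from this section. The enclosing method begins before this section.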