
Merge remote-tracking branch 'security/3.4.6' into 3.5.4

This commit is contained in:
Daniel Hensby 2017-05-29 01:02:55 +01:00
commit 11e2175ec8
No known key found for this signature in database
GPG Key ID: B00D1E9767F0B06E
3 changed files with 29 additions and 12 deletions


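--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -409,11 +409,7 @@ class CMSPageHistoryController extends CMSMain {
 			"ID" => $id,
 			"Version" => $fromVersion,
 		));
-		foreach($form->Fields()->dataFields() as $field) {
-			$field->dontEscape = true;
-		}
 		return $form;
 	}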


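--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -106,13 +106,23 @@ class RedirectorPage extends Page {
 	public function onBeforeWrite() {
 		parent::onBeforeWrite();
-		// Prefix the URL with "http://" if no prefix is found
-		if(
-			$this->ExternalURL
-			&& !parse_url($this->ExternalURL, PHP_URL_SCHEME)
-			&& !preg_match('#^//#', $this->ExternalURL)
-		) {
-			$this->ExternalURL = 'http://' . $this->ExternalURL;
+		if ($this->ExternalURL && substr($this->ExternalURL, 0, 2) !== '//') {
+			$urlParts = parse_url($this->ExternalURL);
+			if ($urlParts) {
+				if (empty($urlParts['scheme'])) {
+					// no scheme, assume http
+					$this->ExternalURL = 'http://' . $this->ExternalURL;
+				} elseif (!in_array($urlParts['scheme'], array(
+					'http',
+					'https',
+				))) {
+					// we only allow http(s) urls
+					$this->ExternalURL = '';
+				}
+			} else {
+				// malformed URL to reject
+				$this->ExternalURL = '';
+			}
 		}
 	}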
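Review bot: Both rejection branches of the new onBeforeWrite silently blank the field (`$this->ExternalURL = '';` for a non-http(s) scheme and for a malformed URL), so a CMS author who saves an unsupported link ends up with a redirector that points nowhere and no error explaining why; raising it from validate() as a ValidationResult error would keep the input and surface the refusal, and if the silent reset is intentional a comment saying so would help the next reader. The scheme check also appears to be case-sensitive, since parse_url() returns the scheme as written, and the in_array() call is loose: `} elseif (!in_array(strtolower($urlParts['scheme']), array('http', 'https'), true)) {` accepts `HTTPS://...` and keeps the comparison strict. Protocol-relative `//host/...` values skip the whole block because of the outer substr() condition; that looks deliberate (the browser resolves them against the page's own scheme) but deserves a one-line comment such as `// protocol-relative URLs inherit the page scheme, so no scheme check is needed`.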


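--- a/[path not shown on page]
+++ b/[path not shown on page]
@@ -80,6 +80,17 @@ class RedirectorPageTest extends FunctionalTest {
 		RedirectorPage_Controller::remove_extension('RedirectorPageTest_RedirectExtension');
 	}
+	public function testNoJSLinksAllowed()
+	{
+		$page = new RedirectorPage();
+		$js = 'javascript:alert("hello world")';
+		$page->ExternalURL = $js;
+		$this->assertEquals($js, $page->ExternalURL);
+		$page->write();
+		$this->assertEmpty($page->ExternalURL);
+	}
 }
 class RedirectorPageTest_RedirectExtension extends Extension implements TestOnly {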
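Review bot: testNoJSLinksAllowed pins only the rejected `javascript:` scheme, so the accepting paths of the new onBeforeWrite logic (a scheme-less value gets `http://` prefixed, `http`/`https` values are kept, a protocol-relative `//host` value is left untouched) have no coverage and a regression that blanked every URL would still pass. One assertion per branch would lock the behaviour down, for example `$page->ExternalURL = 'example.com'; $page->write(); $this->assertEquals('http://example.com', $page->ExternalURL);` (constructed sample). The assertEquals before write() only confirms that the setter does not filter; a short comment such as `// filtering happens on write(), not on assignment` would make that intent explicit.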