Commit Graph

18 Commits

Author SHA1 Message Date
Ingo Schommer
46064f8f88 SECURITY More solid relative/site URL checks (related to "BackURL" redirection)
Return true for Director::is_absolute_url() checks if they're prefixed with two or more slashes (as browsers interpret this as a valid URL)

More solid URL checks in Director::is_site_url(), using a conservative parse_url() hostname comparison rather than Director::makeRelative(), which is not designed for security purposes
2012-10-16 10:17:07 +02:00
Sean Harvey
11e9e2a348 MINOR Fixed DirectorTest to restore it's REQUEST_URI state to the original one after each test method is run
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108665 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:44 +13:00
Sean Harvey
54f6acfc21 MINOR Fixed Director::forceSSL() breaking unit tests because headers were already sent
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108435 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:43 +13:00
Sean Harvey
c140ce7395 MINOR Reverted r108433
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108434 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:43 +13:00
Sean Harvey
723f472b7f MINOR DirectorTest should not extend from FunctionalTest (regression from r108428)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108433 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:43 +13:00
Sean Harvey
c52529215f ENHANCEMENT #2856 Limiting of relative URLs for Director::forceSSL() using a map of PCRE regular expressions
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@108428 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:42 +13:00
Ingo Schommer
017943b067 MINOR Added DirectorTest->testURLParam() and DirectorTest->testURLParams()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@104711 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:19:23 +13:00
Andreas Piening
cdada2784d BUGFIX: fixed typing error
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94721 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:59 +13:00
Andreas Piening
848526dfb7 MINOR: test support for superglobals in testrequest
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94711 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:59 +13:00
Andreas Piening
aee97d78c3 MINOR: test support for superglobals in testrequest
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@94710 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 14:17:59 +13:00
Sam Minnee
72bda196e1 MINOR disable realtime publishing for unit tests
MINOR fix a test that makes no sense
MINOR a couple bugs around embargo/expiry have been fixed (from r85505)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@89159 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-10-15 21:47:28 +00:00
Ingo Schommer
47f2deee7f BUGFIX Fixed Director::makeRelative() to accept https:// protocol
BUGFIX Fixed GET-parameter replacement in Director::is_absolute_url()
ENHANCEMENT Added Director::is_relative_url() and Director::is_site_url()
BUGFIX Validating $_FILES array in Director::direct()

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@73250 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-03-17 22:22:55 +00:00
Ingo Schommer
74ab33f23b ENHANCEMENT Added Director::is_absolute_url()
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@71707 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-02-11 21:07:58 +00:00
Ingo Schommer
97fed5ae57 BUGFIX Director::fileExists() fails on windows with absolute paths (#2935) - thanks to ajshort!
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@64098 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-10-12 16:16:25 +00:00
Sam Minnee
2af039785c ENHANCEMENT: Updated cli-script handling to be more in line with web calls, and improved Director::setBaseURL() calls.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63321 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-29 23:41:50 +00:00
Ingo Schommer
b8846a9ab3 MINOR Temporarily disabled RSSFeedTest as its overriding environment variables that should be handled by Director class with Director::setBaseURL() (which is currently not fully working). Added stub-tests for Director.
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@63155 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-09-27 16:04:01 +00:00
Ingo Schommer
60860cc1b9 MINOR Unified @package PHPdoc (added where missing, removed duplicates)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@56212 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-06-15 13:33:53 +00:00
Ingo Schommer
2f51144a85 Merged revisions 47488 via svnmerge from
svn://svn.silverstripe.com/silverstripe/modules/sapphire/branches/2.2.0-mesq

........
  r47488 | ischommer | 2007-12-21 16:03:04 +1300 (Fri, 21 Dec 2007) | 1 line
  
  in fileExists(): replace any appended query-strings, e.g. /path/to/foo.php?bar=1 to /path/to/foo.php
........

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@52186 467b73ca-7a2a-4603-9d3b-597d59a354a9
2008-04-06 04:00:43 +00:00