Author: ivaynberg
Date: Thu Oct 14 18:50:42 2010
New Revision: 1022648

URL: http://svn.apache.org/viewvc?rev=1022648&view=rev
Log:

Issue: WICKET-3106

Modified:
    
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java

Modified: 
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java
URL: 
http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java?rev=1022648&r1=1022647&r2=1022648&view=diff
==============================================================================
--- 
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java
 (original)
+++ 
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java
 Thu Oct 14 18:50:42 2010
@@ -74,10 +74,6 @@ public class BrowserInfoPage extends Web
        public BrowserInfoPage(PageParameters parameters)
        {
                String to = Strings.toString(parameters.get("cto"));
-               if (to == null)
-               {
-                       throw new IllegalArgumentException("parameter cto must 
be provided!");
-               }
                setContinueTo(to);
                initComps();
                WebRequestCycle requestCycle = 
(WebRequestCycle)getRequestCycle();
@@ -110,10 +106,6 @@ public class BrowserInfoPage extends Web
         */
        public BrowserInfoPage(final String continueTo)
        {
-               if (continueTo == null)
-               {
-                       throw new IllegalArgumentException("Argument continueTo 
must be not null");
-               }
                setContinueTo(continueTo);
                initComps();
        }
@@ -188,6 +180,32 @@ public class BrowserInfoPage extends Web
         */
        protected final void setContinueTo(String continueTo)
        {
+               if (continueTo == null)
+               {
+                       throw new IllegalArgumentException("Argument continueTo 
must not be null");
+               }
+               else if (continueTo.contains("://"))
+               {
+                       // prevent attackers from redirecting to any url by 
appending &cto=http://<someurl> to
+                       // the query string, eg
+                       // 
http://wicketstuff.org/wicket14/compref/?wicket:bookmarkablePage=:org.apache.wicket.markup.html.pages.BrowserInfoPage&cto=http://www.google.de
+                       // WICKET-3106
+                       throw new IllegalArgumentException("continuTo url : " + 
continueTo +
+                               " must be relative to the current server.")
+                       {
+                               /**
+                                * No stack trace. We won't tell the hackers 
about the internals of wicket in case
+                                * stack traces are enabled
+                                * 
+                                * @see java.lang.Throwable#getStackTrace()
+                                */
+                               @Override
+                               public StackTraceElement[] getStackTrace()
+                               {
+                                       return new StackTraceElement[0];
+                               }
+                       };
+               }
                this.continueTo = continueTo;
        }
 }
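Review bot: The `contains("://")` test in setContinueTo still lets a protocol-relative value through — a `continueTo` of the form `//host/path` carries no scheme, yet the browser resolves it against that host, so the redirect the comment intends to block is only partly blocked. A safer check parses the value and rejects anything with a scheme or authority, e.g. `URI target = new URI(continueTo); if (target.isAbsolute() || target.getAuthority() != null) { ... }` with `URISyntaxException` mapped to the same `IllegalArgumentException`, or at minimum also rejects `continueTo.startsWith("//")`. The anonymous subclass overriding `getStackTrace()` does not achieve what its comment claims: `Throwable.printStackTrace()` reads the trace through a private accessor rather than the overridable `getStackTrace()`, so a trace printed that way is still emitted; overriding `public synchronized Throwable fillInStackTrace() { return this; }` instead suppresses it on every path. The message also has a typo, `"continuTo url : "` should read `"continueTo url : "`.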

