Bug #62753 [Opn->Nab]: proxy_test.php

Sun, 05 Aug 2012 18:14:26 -0700 

Edit report at https://bugs.php.net/bug.php?id=62753&edit=1

 ID:                 62753
 Updated by:         ahar...@php.net
 Reported by:        admin at angosso dot net
 Summary:            proxy_test.php
-Status:             Open
+Status:             Not a bug
 Type:               Bug
 Package:            Built-in web server
 Operating System:   Migration Localhost->_Server
 PHP Version:        5.3.15
 Block user comment: N
 Private report:     N

 New Comment:

I'm sorry, but this is gibberish. I don't know what an SPF record has to do 
with anything, there's no description of the "vulnerability", and it doesn't 
seem like it's a PHP side issue regardless if you're setting browser settings.


Previous Comments:
------------------------------------------------------------------------
[2012-08-05 16:53:44] admin at angosso dot net

Description:
------------
User Agent: Mozilla/5.0 (Windows NT 6.0; rv:14.0) Gecko/20100101 Firefox/14.0.1
Build ID: 20120713134347

Steps to reproduce:

user_pref("capability.policy.policynames", "strict");
   user_pref("capability.policy.strict.sites", "http://www.hosting24.com 
http://www.srv47.hosting24.com";);
   user_pref("capability.policy.strict.Window.alert", "noAccess");
   user_pref("capability.policy.strict.Window.confirm", "noAccess");
   user_pref("capability.policy.strict.Window.prompt", "noAccess");


Test script:
---------------
"v=spf1 +a +mx +ip4:212.1.208.183 +a:srv47.hosting24.com +mx:mail.angosso.net 
+mx:srv47.hosting24.com +include:angosso.net ?all"

Expected result:
----------------
function _parse_uri()
     
     
    function _redirect( $uri ) {
    $location = $this->_parse_location( $uri );
    if ( $location['host'] != $this->host || $location['port'] != $this->port ) 
{
    $this->host = $location['host'];
    $this->port = $location['port'];
    if ( !$this->_use_proxy) $this->disconnect();
    }
    usleep( 100 );
    $this->get( $location['request_file'] . '?' . $location['query_string'] );
foreach( $this->cookies as $cookie_name => $cookie_data ) {
    if ($cookie_data['expires'] > $none) {
    $new_cookies[$cookie_name] = $cookie_data;
    $domain = preg_quote( $cookie_data['angosso.net'] );
    $path = preg_quote( $cookie_data['/home/angosson/public_html/www'] );
    if ( preg_match( "'.*$domain$'i", $current_domain ) && preg_match( 
"'^$path.*'i", $current_path ) )
    $cookie_str .= $cookie_name . '=' . 
$cookie_data['http://www.angosso.net/pub-page/economie.php'] . '; ';
    }
    }

Actual result:
--------------
Vulnerability



------------------------------------------------------------------------



-- 
Edit this bug report at https://bugs.php.net/bug.php?id=62753&edit=1

Reply via email to