Revision: 3332
Author:   jaim...@gmail.com
Date:     Fri Jan 24 16:36:54 2014 UTC
Log: Followup on previous commits. Use redirectUntrustedURL() as a shortcut, and let everything else make use of redirectTrustedURL(). Move the responsibility to check the input out of the library, to the places where URLs are grabbed from input parameters.
http://code.google.com/p/simplesamlphp/source/detail?r=3332

Modified:
 /trunk/config-templates/config.php
 /trunk/docs/simplesamlphp-sp-migration.txt
 /trunk/lib/SimpleSAML/Auth/BWC.php
 /trunk/lib/SimpleSAML/Auth/Default.php
 /trunk/lib/SimpleSAML/Auth/ProcessingChain.php
 /trunk/lib/SimpleSAML/Auth/Simple.php
 /trunk/lib/SimpleSAML/Auth/State.php
 /trunk/lib/SimpleSAML/IdP/LogoutTraditional.php
 /trunk/lib/SimpleSAML/IdP.php
 /trunk/lib/SimpleSAML/Utilities.php
 /trunk/lib/SimpleSAML/XHTML/IdPDisco.php
 /trunk/modules/InfoCard/lib/Auth/Source/ICAuth.php
 /trunk/modules/aselect/www/credentials.php
 /trunk/modules/authYubiKey/lib/Auth/Source/YubiKey.php
 /trunk/modules/authfacebook/www/linkback.php
 /trunk/modules/authlinkedin/www/linkback.php
 /trunk/modules/authmyspace/www/linkback.php
 /trunk/modules/authorize/www/authorize_403.php
 /trunk/modules/authtwitter/www/linkback.php
 /trunk/modules/authwindowslive/www/linkback.php
 /trunk/modules/cas/www/linkback.php
 /trunk/modules/casserver/www/login.php
 /trunk/modules/cdc/lib/Server.php
 /trunk/modules/cdc/www/resume.php
 /trunk/modules/consent/www/getconsent.php
 /trunk/modules/consent/www/logout.php
 /trunk/modules/consent/www/noconsent.php
 /trunk/modules/core/lib/Auth/UserPassBase.php
 /trunk/modules/core/lib/Auth/UserPassOrgBase.php
 /trunk/modules/core/www/as_login.php
 /trunk/modules/core/www/as_logout.php
 /trunk/modules/core/www/bwc_resumeauth.php
 /trunk/modules/core/www/cleardiscochoices.php
 /trunk/modules/core/www/idp/logout-iframe-done.php
 /trunk/modules/core/www/idp/logout-iframe.php
 /trunk/modules/core/www/idp/resumelogout.php
 /trunk/modules/core/www/login-admin.php
 /trunk/modules/core/www/loginuserpass.php
 /trunk/modules/core/www/loginuserpassorg.php
 /trunk/modules/core/www/short_sso_interval.php
 /trunk/modules/discopower/lib/PowerIdPDisco.php
 /trunk/modules/exampleauth/lib/Auth/Source/External.php
 /trunk/modules/exampleauth/www/authpage.php
 /trunk/modules/exampleauth/www/redirecttest.php
 /trunk/modules/expirycheck/www/about2expire.php
 /trunk/modules/expirycheck/www/expired.php
 /trunk/modules/multiauth/www/selectsource.php
 /trunk/modules/negotiate/www/backend.php
 /trunk/modules/negotiate/www/retry.php
 /trunk/modules/oauth/www/authorize.php
 /trunk/modules/openid/www/consumer.php
 /trunk/modules/openid/www/linkback.php
 /trunk/modules/openidProvider/lib/Server.php
 /trunk/modules/papi/lib/Auth/Source/PAPI.php
 /trunk/modules/preprodwarning/www/showwarning.php
 /trunk/modules/saml/www/sp/discoresp.php
 /trunk/modules/saml/www/sp/saml1-acs.php
 /trunk/modules/saml/www/sp/saml2-acs.php
 /trunk/modules/saml/www/sp/saml2-logout.php
 /trunk/www/auth/login-admin.php
 /trunk/www/auth/login-cas-ldap.php
 /trunk/www/auth/login-ldapmulti.php
 /trunk/www/auth/login-radius.php
 /trunk/www/auth/login-tlsclient.php
 /trunk/www/auth/login-wayf-ldap.php
 /trunk/www/saml2/idp/SingleLogoutService.php
 /trunk/www/saml2/idp/idpInitSingleLogoutServiceiFrame.php
 /trunk/www/saml2/idp/initSLO.php
 /trunk/www/saml2/sp/AssertionConsumerService.php
 /trunk/www/saml2/sp/SingleLogoutService.php
 /trunk/www/saml2/sp/initSLO.php
 /trunk/www/saml2/sp/initSSO.php
 /trunk/www/shib13/sp/AssertionConsumerService.php
 /trunk/www/shib13/sp/initSSO.php
 /trunk/www/wsfed/sp/initSLO.php
 /trunk/www/wsfed/sp/initSSO.php

=======================================
--- /trunk/config-templates/config.php  Mon Jan 13 16:33:21 2014 UTC
+++ /trunk/config-templates/config.php  Fri Jan 24 16:36:54 2014 UTC
@@ -701,13 +701,26 @@
        'proxy' => NULL,

        /*
-        * Array of URL's to allow a trusted redirect to.
+        * Array of domains that are allowed when generating links or 
redirections
+        * to URLs. simpleSAMLphp will use this option to determine whether to
+        * to consider a given URL valid or not, but you should always validate
+        * URLs obtained from the input on your own (i.e. ReturnTo or RelayState
+        * parameters obtained from the $_REQUEST array).
+        *
+        * Set to NULL to disable checking of URLs.
+        *
+ * simpleSAMLphp will automatically add your own domain (either by checking
+        * it dinamically, or by using the domain defined in the 'baseurlpath'
+ * directive, the latter having precedence) to the list of trusted domains,
+ * in case this option is NOT set to NULL. In that case, you are explicitly
+        * telling simpleSAMLphp to verify URLs.
         *
-        * Set to NULL to disable.
+        * Set to an empty array to disallow ALL redirections or links pointing 
to
+        * an external URL other than your own domain.
         *
         * Example:
-        *   'redirect.trustedsites' => array('sp.example.com', 
'othersite.org'),
+        *   'trusted.url.domains' => array('sp.example.com', 
'app.example.com'),
         */
-       'redirect.trustedsites' => NULL,
+       'trusted.url.domains' => NULL,

 );
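Review bot: The template still ships `'trusted.url.domains' => NULL`, which by this comment's own wording disables URL checking, so on a default install `checkURLAllowed()` (added in lib/SimpleSAML/Utilities.php) only rejects non-http(s) schemes and accepts any host. Since this commit moves validation to the call sites and they all rely on that function, consider shipping `'trusted.url.domains' => array(),` so that only the installation's own host is accepted until the admin lists more, or at least state in the comment that NULL, the default, accepts every host. The comment also has two slips worth fixing while here: "whether to to consider" and "dinamically".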
=======================================
--- /trunk/docs/simplesamlphp-sp-migration.txt  Mon Mar  8 12:41:15 2010 UTC
+++ /trunk/docs/simplesamlphp-sp-migration.txt  Fri Jan 24 16:36:54 2014 UTC
@@ -209,6 +209,9 @@

     $as->logout('https://example.org/');

+Please make sure the URL is trusted. If you obtain the URL from the user input, make sure it is trusted before
+calling $as->logout(), by using the SimpleSAML_Utilities::checkURLAllowed() method.
+

 #### Login link

=======================================
--- /trunk/lib/SimpleSAML/Auth/BWC.php  Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/Auth/BWC.php  Fri Jan 24 16:36:54 2014 UTC
@@ -143,19 +143,19 @@
                $session = SimpleSAML_Session::getInstance();
                if (!$session->isValid($this->authority)) {
                        /* Not authenticated to this authentication source. */
-                       SimpleSAML_Utilities::redirectUntrustedURL($url);
+                       SimpleSAML_Utilities::redirectTrustedURL($url);
                        assert('FALSE');
                }

                if ($this->authority === 'saml2') {
                        $config = SimpleSAML_Configuration::getInstance();
- SimpleSAML_Utilities::redirectUntrustedURL('/' . $config->getBaseURL() . 'saml2/sp/initSLO.php',
+ SimpleSAML_Utilities::redirectTrustedURL('/' . $config->getBaseURL() . 'saml2/sp/initSLO.php',
                                array('RelayState' => $url)
                        );
                }

                $session->doLogout($this->authority);
-               SimpleSAML_Utilities::redirectUntrustedURL($url);
+               SimpleSAML_Utilities::redirectTrustedURL($url);
        }

 }
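Review bot: `$url` now reaches `redirectTrustedURL()` three times in this hunk with no check in between, and it is also forwarded as `RelayState` to `saml2/sp/initSLO.php`; where `$url` comes from is outside the hunk, since the enclosing method starts above it. If it is a caller-supplied parameter, the method's docblock should carry the same warning this commit adds to `SimpleSAML_Auth_Default::initLogout()`, for example `The URL is not checked here; validate URLs taken from user input with SimpleSAML_Utilities::checkURLAllowed() first.` The same applies to the `redirectTrustedURL()` switches in Auth/ProcessingChain.php, Auth/Simple.php and IdP.php, where the URL is read from the state array. A one-line comment at each naming where that value was validated would make the trust boundary auditable.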
=======================================
--- /trunk/lib/SimpleSAML/Auth/Default.php      Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/Auth/Default.php      Fri Jan 24 16:36:54 2014 UTC
@@ -19,13 +19,21 @@
         * This function never returns.
         *
         * @param string $authId  The identifier of the authentication source.
- * @param string|array $return The URL or function we should direct the user to after authentication.
- * @param string|NULL $errorURL The URL we should direct the user to after failed authentication.
- * Can be NULL, in which case a standard error page will be shown.
- * @param array $params Extra information about the login. Different authentication requestors may
- * provide different information. Optional, will default to an empty array.
+        * @param string|array $return The URL or function we should direct the
+        * user to after authentication. If using a URL obtained from user 
input,
+        * please make sure to check it by calling
+        * SimpleSAML_Utilities::checkURLAllowed().
+        * @param string|NULL $errorURL The URL we should direct the user to 
after
+        * failed authentication. Can be NULL, in which case a standard error 
page
+ * will be shown. If using a URL obtained from user input, please make sure
+        * to check it by calling SimpleSAML_Utilities::checkURLAllowed().
+        * @param array $params Extra information about the login. Different
+        * authentication requestors may provide different information. 
Optional,
+        * will default to an empty array.
         */
- public static function initLogin($authId, $return, $errorURL = NULL, array $params = array()) {
+       public static function initLogin($authId, $return, $errorURL = NULL,
+               array $params = array()) {
+
                assert('is_string($authId)');
                assert('is_string($return) || is_array($return)');
                assert('is_string($errorURL) || is_null($errorURL)');
@@ -121,7 +129,7 @@

                if (is_string($return)) {
                        /* Redirect... */
-                       SimpleSAML_Utilities::redirectUntrustedURL($return);
+                       SimpleSAML_Utilities::redirectTrustedURL($return);
                } else {
                        call_user_func($return, $state);
                        assert('FALSE');
@@ -132,11 +140,16 @@
        /**
         * Start logout.
         *
- * This function starts a logout operation from the current authentication source. This function
-        * will return if the logout operation does not require a redirect.
+        * This function starts a logout operation from the current 
authentication
+        * source. This function will return if the logout operation does not
+        * require a redirect.
         *
- * @param string $returnURL The URL we should redirect the user to after logging out.
- * @param string|NULL $authority The authentication source we are logging out from, or NULL to log out of the most recent.
+        * @param string $returnURL The URL we should redirect the user to after
+ * logging out. No checking is performed on the URL, so make sure to verify
+        * it on beforehand if the URL is obtained from user input. Refer to
+        * SimpleSAML_Utilities::checkURLAllowed() for more information.
+        * @param string|NULL $authority The authentication source we are 
logging
+        * out from, or NULL to log out from the most recent.
         */
        public static function initLogoutReturn($returnURL, $authority = NULL) {
                assert('is_string($returnURL)');
@@ -171,11 +184,16 @@
        /**
         * Start logout.
         *
- * This function starts a logout operation from the current authentication source. This function
-        * never returns.
+        * This function starts a logout operation from the current 
authentication
+        * source. This function never returns.
         *
- * @param string $returnURL The URL we should redirect the user to after logging out.
- * @param string|NULL $authority The authentication source we are logging out from, or NULL to log out of the most recent.
+        * @param string $returnURL The URL we should redirect the user to after
+ * logging out. No checking is performed on the URL, so make sure to verify
+        * it on beforehand if the URL is obtained from user input. Refer to
+        * SimpleSAML_Utilities::checkURLAllowed() for more information.
+        * @param string|NULL $authority The authentication source we are 
logging
+        * out from, or NULL to log out from the most recent.
+        * @return void This function never returns.
         */
        public static function initLogout($returnURL, $authority = NULL) {
                assert('is_string($returnURL)');
@@ -184,7 +202,7 @@
                self::initLogoutReturn($returnURL, $authority);

                /* Redirect... */
-               SimpleSAML_Utilities::redirectUntrustedURL($returnURL);
+               SimpleSAML_Utilities::redirectTrustedURL($returnURL);
        }


@@ -202,7 +220,7 @@
                $returnURL = $state['SimpleSAML_Auth_Default.ReturnURL'];

                /* Redirect... */
-               SimpleSAML_Utilities::redirectUntrustedURL($returnURL);
+               SimpleSAML_Utilities::redirectTrustedURL($returnURL);
        }


@@ -239,10 +257,14 @@
         *
         * This is used to handle IdP initiated SSO.
         *
- * @param string $authId The id of the authentication source that received the request.
-        * @param array $state  A state array.
-        * @param string $redirectTo  The URL we should redirect the user to 
after
-        *                            updating the session.
+        * @param string $authId The id of the authentication source that 
received
+        * the request.
+        * @param array $state A state array.
+        * @param string $redirectTo The URL we should redirect the user to 
after
+        * updating the session. The function will check if the URL is allowed, 
so
+        * there is no need to manually check the URL on beforehand. Please 
refer
+        * to the 'trusted.url.domains' configuration directive for more
+        * information about allowing (or disallowing) URLs.
         */
public static function handleUnsolicitedAuth($authId, array $state, $redirectTo) {
                assert('is_string($authId)');
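Review bot: The new `$redirectTo` text promises that "there is no need to manually check the URL", but `checkURLAllowed()` as added in this commit skips the host comparison when `'trusted.url.domains'` is NULL, which is the value shipped in the config template. The docblock should say so, e.g. `The URL is checked against 'trusted.url.domains'; if that option is NULL only the http/https scheme is verified.` The function body is outside this hunk, so the call that performs the check could not be confirmed from here.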
=======================================
--- /trunk/lib/SimpleSAML/Auth/ProcessingChain.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/Auth/ProcessingChain.php Fri Jan 24 16:36:54 2014 UTC
@@ -248,7 +248,7 @@
                         * in $state['ReturnURL'].
                         */
                        $id = SimpleSAML_Auth_State::saveState($state, 
self::COMPLETED_STAGE);
- SimpleSAML_Utilities::redirectUntrustedURL($state['ReturnURL'], array(self::AUTHPARAM => $id));
+ SimpleSAML_Utilities::redirectTrustedURL($state['ReturnURL'], array(self::AUTHPARAM => $id));
                } else {
                        /* Pass the state to the function defined in 
$state['ReturnCall']. */

@@ -302,8 +302,11 @@
        /**
         * Retrieve a state which has finished processing.
         *
- * @param string $id The identifier of the state. This can be found in the request parameter
- * with index from SimpleSAML_Auth_ProcessingChain::AUTHPARAM.
+        * @param string $id The state identifier. This can be found in the
+        * SimpleSAML_Auth_ProcessingChain::AUTHPARAM request parameter. Please
+        * make sure to sanitize it properly by calling the
+        * SimpleSAML_Utilities::checkURLAllowed() function with the embedded
+ * restart URL, if any. See also SimpleSAML_Utilities::getURLFromStateID().
         */
        public static function fetchProcessedState($id) {
                assert('is_string($id)');
@@ -351,5 +354,3 @@
        }

 }
-
-?>
=======================================
--- /trunk/lib/SimpleSAML/Auth/Simple.php       Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/Auth/Simple.php       Fri Jan 24 16:36:54 2014 UTC
@@ -219,7 +219,7 @@
                                $params[$state['ReturnStateParam']] = $stateID;
                        }

-                       
SimpleSAML_Utilities::redirectUntrustedURL($state['ReturnTo'], $params);
+                       
SimpleSAML_Utilities::redirectTrustedURL($state['ReturnTo'], $params);
                }
        }

=======================================
--- /trunk/lib/SimpleSAML/Auth/State.php        Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/Auth/State.php        Fri Jan 24 16:36:54 2014 UTC
@@ -211,13 +211,7 @@
                assert('is_bool($allowMissing)');
                SimpleSAML_Logger::debug('Loading state: ' . var_export($id, 
TRUE));

-               $tmp = explode(':', $id, 2);
-               $id = $tmp[0];
-               if (count($tmp) === 2) {
-                       $restartURL = $tmp[1];
-               } else {
-                       $restartURL = NULL;
-               }
+               $restartURL = SimpleSAML_Utilities::getURLFromStateID($id);

                $session = SimpleSAML_Session::getInstance();
                $state = $session->getData('SimpleSAML_Auth_State', $id);
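Review bot: `$id` is no longer reduced to the part before the colon, so the `getData('SimpleSAML_Auth_State', $id)` lookup on the last line of this hunk now receives the whole `id:url` string whenever a restart URL is embedded. The removed lines did `$id = $tmp[0];`, while `getURLFromStateID()` (added in Utilities.php) computes the same value into a local `$id` and discards it. Keep the split next to the helper call, e.g. `$tmp = explode(':', $id, 2);` followed by `$id = $tmp[0];`, or have the helper return both parts. What loadState() does with `$restartURL` when the lookup fails is outside this hunk, so the user-visible effect should be confirmed there.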
=======================================
--- /trunk/lib/SimpleSAML/IdP/LogoutTraditional.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/IdP/LogoutTraditional.php Fri Jan 24 16:36:54 2014 UTC
@@ -75,6 +75,12 @@
                if ($relayState === NULL) {
                        throw new SimpleSAML_Error_Exception('RelayState lost 
during logout.');
                }
+
+               // sanitize the input
+               $restartURL = 
SimpleSAML_Utilities::getURLFromStateID($relayState);
+               if (!is_null($restartURL)) {
+                       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+               }

$state = SimpleSAML_Auth_State::loadState($relayState, 'core:LogoutTraditional');

=======================================
--- /trunk/lib/SimpleSAML/IdP.php       Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/IdP.php       Fri Jan 24 16:36:54 2014 UTC
@@ -529,7 +529,7 @@
public static function finishLogoutRedirect(SimpleSAML_IdP $idp, array $state) {
                assert('isset($state["core:Logout:URL"])');

-               
SimpleSAML_Utilities::redirectUntrustedURL($state['core:Logout:URL']);
+               
SimpleSAML_Utilities::redirectTrustedURL($state['core:Logout:URL']);
                assert('FALSE');
        }

=======================================
--- /trunk/lib/SimpleSAML/Utilities.php Fri Jan 17 15:38:58 2014 UTC
+++ /trunk/lib/SimpleSAML/Utilities.php Fri Jan 24 16:36:54 2014 UTC
@@ -296,19 +296,82 @@

                return $url;
        }
+
+
+       /**
+        * Check if a URL is valid and is in our list of allowed URLs.
+        *
+        * @param string $url The URL to check.
+        * @param array $trustedSites An optional white list of domains. If none
+        * specified, the 'trusted.url.domains' configuration directive will be
+        * used.
+        * @return string The normalized URL itself if it is allowed.
+        * @throws SimpleSAML_Error_Exception if the URL is malformed or is not
+        * allowed by configuration.
+        */
+       public static function checkURLAllowed($url, array $trustedSites = 
NULL) {
+               $url = self::normalizeURL($url);
+
+               // verify that the URL points to an http or https site
+               if (!preg_match('@^https?://@i', $url)) {
+                       throw new SimpleSAML_Error_Exception('Invalid URL: 
'.$url);
+               }
+
+               // get the white list of domains
+               if ($trustedSites === NULL) {
+ $trustedSites = SimpleSAML_Configuration::getInstance()->getArray('trusted.url.domains', NULL);
+                       if ($trustedSites === NULL) {
+ $trustedSites = SimpleSAML_Configuration::getInstance()->getArray('redirect.trustedsites', NULL);
+                       }
+               }
+
+               // validates the URL's host is among those allowed
+               if ($trustedSites !== NULL) {
+                       assert(is_array($trustedSites));
+                       preg_match('@^https?://([^/]+)@i', $url, $matches);
+                       $hostname = $matches[1];
+
+                       // add self host to the white list
+                       $self_host = self::getSelfHost();
+                       $trustedSites[] = $self_host;
+
+                       /* Throw exception due to redirection to untrusted site 
*/
+                       if (!in_array($hostname, $trustedSites)) {
+                               throw new SimpleSAML_Error_Exception('URL not 
allowed: '.$url);
+                       }
+               }
+               return $url;
+       }
+
+
+       /**
+        * Get a URL embedded in a StateID, in the form 'id:url'.
+        *
+        * @param string $stateId The state ID to use.
+        * @return string The embedded URL if found, NULL otherwise.
+        */
+       public static function getURLFromStateID($stateId) {
+               $tmp = explode(':', $stateId, 2);
+               $id = $tmp[0];
+               $url = NULL;
+               if (count($tmp) === 2) {
+                       $url = $tmp[1];
+               }
+               return $url;
+       }


        public static function checkDateConditions($start=NULL, $end=NULL) {
                $currentTime = time();

-               if (! empty($start)) {
+               if (!empty($start)) {
                        $startTime = SAML2_Utils::parseSAML2Time($start);
                        /* Allow for a 10 minute difference in Time */
                        if (($startTime < 0) || (($startTime - 600) > 
$currentTime)) {
                                return FALSE;
                        }
                }
-               if (! empty($end)) {
+               if (!empty($end)) {
                        $endTime = SAML2_Utils::parseSAML2Time($end);
                        if (($endTime < 0) || ($endTime <= $currentTime)) {
                                return FALSE;
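Review bot: The whitelist test in `checkURLAllowed()` compares loosely and on an unparsed capture: `[^/]+` keeps any userinfo and port in `$hostname`, the second `preg_match()` result is not checked before `$matches[1]` is read, and `in_array($hostname, $trustedSites)` uses `==`. For plain string entries this fails closed, but a non-string entry in the configured array (TRUE or 0, say) compares equal to every host under PHP's loose rules, and mixed-case or ported URLs for a listed host are rejected. Suggest extracting the host with `$hostname = strtolower((string) parse_url($url, PHP_URL_HOST));` and comparing with `in_array($hostname, $trustedSites, TRUE)`. `getSelfHost()` is outside the hunk, so confirm whether it returns a port before deciding how to normalise both sides. `checkDateConditions()` at the end of the hunk continues past it and only has whitespace changes.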
@@ -493,113 +556,20 @@
                return true;
        }

-
-       /**
-        * This function redirects the user to the specified address.
-        *
-        * This function will use the "HTTP 303 See Other" redirection if the
-        * current request used the POST method and the HTTP version is 1.1.
-        * Otherwise, a "HTTP 302 Found" redirection will be used.
-        *
-        * The fuction will also generate a simple web page with a clickable
-        * link to the target page.
-        *
-        * @param string $url The URL we should redirect to. This URL may 
include
-        * query parameters. If this URL is a relative URL (starting with '/'),
-        * then it will be turned into an absolute URL by prefixing it with the
-        * absolute URL to the root of the website.
-        * @param string[] $parameters An array with extra query string 
parameters
-        * which should be appended to the URL. The name of the parameter is the
- * array index. The value of the parameter is the value stored in the index.
-        * Both the name and the value will be urlencoded. If the value is NULL,
-        * then the parameter will be encoded as just the name, without a value.
-        * @param string[] $allowed_redirect_hosts An array with a whitelist of
-        * hosts for which redirects are allowed. If NULL, redirections will be
-        * allowed to any host. Otherwise, the host of the $url provided must be
-        * present in this parameter. If the host is not whitelisted, an 
exception
-        * will be thrown.
-        *
-        * @return void This function never returns.
-        * @deprecated 1.12.0 This function will be removed from the API. Use
-        * accordingly the redirectTrustedURL or redirectUntrustedURL functions
-        * instead.
+       /*
+        * This is a temporary function, holding the redirect() functionality,
+        * meanwhile we are deprecating the it.
         */
- public static function redirect($url, $parameters = array(), $allowed_redirect_hosts = NULL) {
-               assert(is_string($url));
-               assert(strlen($url) > 0);
-               assert(is_array($parameters));
- if($allowed_redirect_hosts != NULL) assert(is_array($allowed_redirect_hosts));
-
-               /* Check for relative URL. */
-               if(substr($url, 0, 1) === '/') {
-                       /* Prefix the URL with the url to the root of the
-                        * website.
-                        */
-                       $url = self::selfURLhost() . $url;
-               }
-
-               /* Verify that the URL points to an http or https site. */
-               if (!preg_match('@^https?://@i', $url)) {
- throw new SimpleSAML_Error_Exception('Redirect to invalid URL: ' . $url);
-               }
-
-               /* Validates the URL's host is among those allowed. */
-               if ($allowed_redirect_hosts !== NULL) {
-                       preg_match('@^https?://([^/]+)@i', $url, $matches);
-                       $hostname = $matches[1];
-
-                       // add self host to the white list
-                       $self_host = self::getSelfHost();
-                       $allowed_redirect_hosts[] = $self_host;
-
-                       /* Throw exception due to redirection to untrusted site 
*/
-                       if(!in_array($hostname, $allowed_redirect_hosts)) {
- throw new SimpleSAML_Error_Exception('Redirection not to allowed to URL: ' . $url);
-                       }
+       private static function _doRedirect($url, $parameters = array()) {
+               if (!empty($parameters)) {
+                       $url = self::addURLparameter($url, $parameters);
                }
-
-               /* Determine which prefix we should put before the first
-                * parameter.
-                */
-               if(strpos($url, '?') === FALSE) {
-                       $paramPrefix = '?';
-               } else {
-                       $paramPrefix = '&';
-               }
-
-               /* Iterate over the parameters and append them to the query
-                * string.
-                */
-               foreach($parameters as $name => $value) {
-
-                       /* Encode the parameter. */
-                       if($value === NULL) {
-                               $param = urlencode($name);
-                       } elseif (is_array($value)) {
-                               $param = "";
-                               foreach ($value as $val) {
-                                       $param .= urlencode($name) . "[]=" . 
urlencode($val) . '&';
-                               }
-                       } else {
-                               $param = urlencode($name) . '=' .
-                                       urlencode($value);
-                       }
-
-                       /* Append the parameter to the query string. */
-                       $url .= $paramPrefix . $param;
-
-                       /* Every following parameter is guaranteed to follow
-                        * another parameter. Therefore we use the '&' prefix.
-                        */
-                       $paramPrefix = '&';
-               }
-

                /* Set the HTTP result code. This is either 303 See Other or
                 * 302 Found. HTTP 303 See Other is sent if the HTTP version
                 * is HTTP/1.1 and the request type was a POST request.
                 */
-               if($_SERVER['SERVER_PROTOCOL'] === 'HTTP/1.1' &&
+               if ($_SERVER['SERVER_PROTOCOL'] === 'HTTP/1.1' &&
                        $_SERVER['REQUEST_METHOD'] === 'POST') {
                        $code = 303;
                } else {
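Review bot: `_doRedirect()` drops the scheme check that the removed `redirect()` body ran unconditionally (`if (!preg_match('@^https?://@i', $url))`), so after this commit only `checkURLAllowed()` verifies that the target is http or https. `redirectTrustedURL()` and `redirect()` called with `$allowed_redirect_hosts === NULL` (both in later hunks of this file) reach the header output with nothing but `normalizeURL()` applied; its body is not visible on this page, so whether it rejects other schemes needs confirming. If it does not, keep the guard here so every redirect path shares it: `if (!preg_match('@^https?://@i', $url)) { throw new SimpleSAML_Error_Exception('Redirect to invalid URL: ' . $url); }`. The body of `_doRedirect()` continues outside this hunk.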
@@ -630,7 +600,8 @@
                echo '<h1>Redirect</h1>';
                echo '<p>';
                echo 'You were redirected to: ';
- echo '<a id="redirlink" href="' . htmlspecialchars($url) . '">' . htmlspecialchars($url) . '</a>';
+               echo '<a id="redirlink" href="' .
+                       htmlspecialchars($url) . '">' . htmlspecialchars($url) . 
'</a>';
echo '<script type="text/javascript">document.getElementById("redirlink").focus();</script>';
                echo '</p>';
                echo '</body>';
@@ -638,6 +609,51 @@

                /* End script execution. */
                exit;
+       }
+
+
+       /**
+        * This function redirects the user to the specified address.
+        *
+        * This function will use the "HTTP 303 See Other" redirection if the
+        * current request used the POST method and the HTTP version is 1.1.
+        * Otherwise, a "HTTP 302 Found" redirection will be used.
+        *
+        * The fuction will also generate a simple web page with a clickable
+        * link to the target page.
+        *
+        * @param string $url The URL we should redirect to. This URL may 
include
+        * query parameters. If this URL is a relative URL (starting with '/'),
+        * then it will be turned into an absolute URL by prefixing it with the
+        * absolute URL to the root of the website.
+        * @param string[] $parameters An array with extra query string 
parameters
+        * which should be appended to the URL. The name of the parameter is the
+ * array index. The value of the parameter is the value stored in the index.
+        * Both the name and the value will be urlencoded. If the value is NULL,
+        * then the parameter will be encoded as just the name, without a value.
+        * @param string[] $allowed_redirect_hosts An array with a whitelist of
+        * hosts for which redirects are allowed. If NULL, redirections will be
+        * allowed to any host. Otherwise, the host of the $url provided must be
+        * present in this parameter. If the host is not whitelisted, an 
exception
+        * will be thrown.
+        *
+        * @return void This function never returns.
+        * @deprecated 1.12.0 This function will be removed from the API. 
Instead,
+        * use the redirectTrustedURL or redirectUntrustedURL functions
+        * accordingly.
+        */
+       public static function redirect($url, $parameters = array(),
+               $allowed_redirect_hosts = NULL) {
+
+               assert(is_string($url));
+               assert(strlen($url) > 0);
+               assert(is_array($parameters));
+
+               $url = self::normalizeURL($url);
+               if ($allowed_redirect_hosts !== NULL) {
+                       $url = self::checkURLAllowed($url, 
$allowed_redirect_hosts);
+               }
+               self::_doRedirect($url, $parameters);
        }

        /**
@@ -665,26 +681,27 @@
         * @return void This function never returns.
         */
        public static function redirectTrustedURL($url, $parameters = array()) {
-               self::redirect($url, $parameters);
+               $url = self::normalizeURL($url);
+               self::_doRedirect($url, $parameters);
        }

        /**
         * This function redirects to the specified URL after performing the
-        * appropriate security checks on it. Particularly, it will make sure
-        * that the provided URL is allowed by the 'redirect.trustedsites'
-        * directive in the configuration.
+        * appropriate security checks on it. Particularly, it will make sure 
that
+        * the provided URL is allowed by the 'redirect.trustedsites' directive
+        * in the configuration.
         *
-        * If the aforementioned option is not set or the URL does corresponds
-        * to a trusted site, it performs a redirection to it. If the site is
-        * not trusted, an exception will be thrown.
+        * If the aforementioned option is not set or the URL does correspond 
to a
+        * trusted site, it performs a redirection to it. If the site is not
+        * trusted, an exception will be thrown.
         *
         * See the redirectTrustedURL function for more details.
         *
         * @return void This function never returns.
         */
        public static function redirectUntrustedURL($url, $parameters = 
array()) {
- $trustedSites = SimpleSAML_Configuration::getInstance()->getArray('redirect.trustedsites', NULL);
-               self::redirect($url, $parameters, $trustedSites);
+               $url = self::checkURLAllowed($url);
+               self::_doRedirect($url, $parameters);
        }

        /**
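Review bot: The `redirectUntrustedURL()` docblock still says the URL must be allowed by the 'redirect.trustedsites' directive, but the new body calls `checkURLAllowed()`, which reads 'trusted.url.domains' first and falls back to the old key only when that is NULL. Update the text to name 'trusted.url.domains' and mention the legacy fallback. It should also state that an unset option means only the scheme is verified, because "appropriate security checks" reads stronger than that. The docblock has no `@param` entries for `$url` and `$parameters`; adding them, along with `@throws SimpleSAML_Error_Exception`, would document the one behaviour that differs from `redirectTrustedURL()`.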
@@ -1150,8 +1167,7 @@
                        $base = self::getBaseURL();
                }

-
- if(!preg_match('$^((((\w+:)//[^/]+)(/[^?#]*))(?:\?[^#]*)?)(?:#.*)?$', $base, $baseParsed)) {
+ if(!preg_match('/^((((\w+:)\/\/[^\/]+)(\/[^?#]*))(?:\?[^#]*)?)(?:#.*)?/', $base, $baseParsed)) {
                        throw new Exception('Unable to parse base url: ' . 
$base);
                }

=======================================
--- /trunk/lib/SimpleSAML/XHTML/IdPDisco.php    Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/lib/SimpleSAML/XHTML/IdPDisco.php    Fri Jan 24 16:36:54 2014 UTC
@@ -124,7 +124,7 @@
                if(!array_key_exists('return', $_GET)) {
                        throw new Exception('Missing parameter: return');
                } else {
-                       $this->returnURL = $_GET['return'];
+ $this->returnURL = SimpleSAML_Utilities::checkURLAllowed($_GET['return']);
                }

                $this->isPassive = FALSE;
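Review bot: The later hunks in this file switch every redirect of `$this->returnURL` to redirectTrustedURL(), so this assignment becomes the only place the `return` parameter is checked, and nothing on the line records that. I would add a comment such as `// validated against redirect.trustedsites here; later redirectTrustedURL($this->returnURL) calls rely on it`, so that a subclass or future edit that assigns returnURL from request data does not silently skip the check. PowerIdPDisco.php gets the same redirectTrustedURL() switch and presumably relies on this assignment as well, which is worth confirming. The enclosing method starts and ends outside the hunk.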
@@ -474,7 +474,7 @@

                        } else {
$this->log('Choice made [' . $idp . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
- SimpleSAML_Utilities::redirectUntrustedURL($this->returnURL, array($this->returnIdParam => $idp));
+ SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idp));
                        }

                        return;
@@ -482,7 +482,7 @@

                if ($this->isPassive) {
$this->log('Choice not made. (Redirecting the user back without answer)');
-                       
SimpleSAML_Utilities::redirectUntrustedURL($this->returnURL);
+                       
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL);
                        return;
                }

@@ -500,7 +500,7 @@

         if(sizeof($idpintersection)  == 1) {
$this->log('Choice made [' . $idpintersection[0] . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
- SimpleSAML_Utilities::redirectUntrustedURL($this->returnURL, array($this->returnIdParam => $idpintersection[0]));
+ SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idpintersection[0]));
         }

                /*
=======================================
--- /trunk/modules/InfoCard/lib/Auth/Source/ICAuth.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/InfoCard/lib/Auth/Source/ICAuth.php Fri Jan 24 16:36:54 2014 UTC
@@ -42,7 +42,6 @@


        public static function handleLogin($authStateId, $xmlToken) {
-SimpleSAML_Logger::debug('ENTRA en icauth');
                assert('is_string($authStateId)');

                $config = SimpleSAML_Configuration::getInstance();
@@ -61,14 +60,20 @@
        SimpleSAML_Logger::debug("NOXMLtoken: ".$xmlToken);
                $claims = $infocard->process($xmlToken);
                if($claims->isValid()) {
-//             if(false) {
                        $attributes = array();
                        foreach ($Infocard['requiredClaims'] as $claim => 
$data){
                                $attributes[$claim] = array($claims->$claim);
                        }
                        foreach ($Infocard['optionalClaims'] as $claim => 
$data){
                                $attributes[$claim] = array($claims->$claim);
-                       }
+                       }
+
+                       // sanitize the input
+                       $restartURL = 
SimpleSAML_Utilities::getURLFromStateID($authStateId);
+                       if (!is_null($restartURL)) {
+                               
SimpleSAML_Utilities::checkURLAllowed($restartURL);
+                       }
+
                        /* Retrieve the authentication state. */
                        $state = SimpleSAML_Auth_State::loadState($authStateId, 
self::STAGEID);
                        /* Find authentication source. */
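Review bot: The comment `// sanitize the input` on the added block does not match what the code does: the return value of checkURLAllowed() is discarded, so nothing is sanitized and the block only helps if checkURLAllowed() throws on a disallowed URL, which redirectUntrustedURL()'s docblock suggests. A more accurate comment would be `// abort if the restart URL carried in the state ID is not an allowed redirect target`. The same five lines are pasted before loadState() in most other hunks of this commit (YubiKey.php, the linkback.php scripts, the consent and core pages, and so on), so any loadState() caller that misses the paste keeps an unchecked restart URL; a single shared helper called from each entry point would keep the check at the input boundary without the duplication. handleLogin() starts and ends outside this hunk.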
@@ -78,12 +83,10 @@
throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
                        }
                        $state['Attributes'] = $attributes;
-SimpleSAML_Logger::debug('VALIDA');
                        unset($infocard);
                        unset($claims);
                        SimpleSAML_Auth_Source::completeAuth($state);
                } else {
-SimpleSAML_Logger::debug('NO VALIDA ERROR:'.$claims->getErrorMsg());
                        unset($infocard);
                        unset($claims);
                        return 'wrong_IC';
=======================================
--- /trunk/modules/aselect/www/credentials.php  Mon May 14 11:34:55 2012 UTC
+++ /trunk/modules/aselect/www/credentials.php  Fri Jan 24 16:36:54 2014 UTC
@@ -7,7 +7,18 @@
  * @author Wessel Dankers, Tilburg University
  */
 function check_credentials() {
- $state = SimpleSAML_Auth_State::loadState($_REQUEST['ssp_state'], 'aselect:login');
+
+       if (!array_key_exists('ssp_state', $_REQUEST))
+ SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Missing ssp_state parameter"));
+       $id = $_REQUEST['ssp_state'];
+
+       // sanitize the input
+       $restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+       if (!is_null($restartURL)) {
+               SimpleSAML_Utilities::checkURLAllowed($restartURL);
+       }
+
+       $state = SimpleSAML_Auth_State::loadState($id, 'aselect:login');

        if(!array_key_exists('a-select-server', $_REQUEST))
SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_Exception("Missing a-select-server parameter"));
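Review bot: In the added `ssp_state` guard, `$state` is passed to throwException() before it has been assigned, because loadState() only runs a few lines further down; a request without `ssp_state` therefore hands the handler an undefined variable instead of a state array. Since no state can exist at that point, throwing directly is the consistent choice, as other endpoints in this commit do: `throw new SimpleSAML_Error_BadRequest('Missing ssp_state parameter.');`. The brace-less `if` also makes it easy to misread `$id = $_REQUEST['ssp_state'];` as part of the guard. check_credentials() continues outside the hunk.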
=======================================
--- /trunk/modules/authYubiKey/lib/Auth/Source/YubiKey.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/authYubiKey/lib/Auth/Source/YubiKey.php Fri Jan 24 16:36:54 2014 UTC
@@ -123,6 +123,12 @@
        public static function handleLogin($authStateId, $otp) {
                assert('is_string($authStateId)');
                assert('is_string($otp)');
+
+               // sanitize the input
+               $restartURL = 
SimpleSAML_Utilities::getURLFromStateID($authStateId);
+               if (!is_null($restartURL)) {
+                       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+               }

                /* Retrieve the authentication state. */
                $state = SimpleSAML_Auth_State::loadState($authStateId, 
self::STAGEID);
=======================================
--- /trunk/modules/authfacebook/www/linkback.php Tue Jul 5 11:29:06 2011 UTC
+++ /trunk/modules/authfacebook/www/linkback.php Fri Jan 24 16:36:54 2014 UTC
@@ -9,6 +9,13 @@
 }

 $stateID = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($stateID);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
$state = SimpleSAML_Auth_State::loadState($stateID, sspmod_authfacebook_Auth_Source_Facebook::STAGE_INIT);

 /* Find authentication source. */
=======================================
--- /trunk/modules/authlinkedin/www/linkback.php Tue Feb 8 13:51:32 2011 UTC
+++ /trunk/modules/authlinkedin/www/linkback.php Fri Jan 24 16:36:54 2014 UTC
@@ -9,6 +9,12 @@
 } else {
         throw new Exception('Lost OAuth Client State');
 }
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($stateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

$state = SimpleSAML_Auth_State::loadState($stateId, sspmod_authlinkedin_Auth_Source_LinkedIn::STAGE_INIT);

=======================================
--- /trunk/modules/authmyspace/www/linkback.php Wed Feb  9 12:28:10 2011 UTC
+++ /trunk/modules/authmyspace/www/linkback.php Fri Jan 24 16:36:54 2014 UTC
@@ -9,6 +9,12 @@
 } else {
        throw new Exception('State Lost - not returned by MySpace Auth');
 }
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($stateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

$state = SimpleSAML_Auth_State::loadState($stateId, sspmod_authmyspace_Auth_Source_MySpace::STAGE_INIT);

=======================================
--- /trunk/modules/authorize/www/authorize_403.php Fri Nov 16 13:02:39 2012 UTC
+++ /trunk/modules/authorize/www/authorize_403.php Fri Jan 24 16:36:54 2014 UTC
@@ -11,6 +11,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 $state = SimpleSAML_Auth_State::loadState($id, 'authorize:Authorize');

 $globalConfig = SimpleSAML_Configuration::getInstance();
=======================================
--- /trunk/modules/authtwitter/www/linkback.php Tue Jul  5 12:08:29 2011 UTC
+++ /trunk/modules/authtwitter/www/linkback.php Fri Jan 24 16:36:54 2014 UTC
@@ -8,6 +8,12 @@
throw new SimpleSAML_Error_BadRequest('Missing state parameter on twitter linkback endpoint.');
 }
 $stateID = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($stateID);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

$state = SimpleSAML_Auth_State::loadState($stateID, sspmod_authtwitter_Auth_Source_Twitter::STAGE_INIT);

=======================================
--- /trunk/modules/authwindowslive/www/linkback.php Wed Feb 9 12:28:10 2011 UTC
+++ /trunk/modules/authwindowslive/www/linkback.php Fri Jan 24 16:36:54 2014 UTC
@@ -6,6 +6,13 @@

 if (array_key_exists('wrap_client_state', $_REQUEST)) {
        $stateId = $_REQUEST['wrap_client_state'];
+
+       // sanitize the input
+       $restartURL = SimpleSAML_Utilities::getURLFromStateID($stateId);
+       if (!is_null($restartURL)) {
+               SimpleSAML_Utilities::checkURLAllowed($restartURL);
+       }
+
$state = SimpleSAML_Auth_State::loadState($stateId, sspmod_authwindowslive_Auth_Source_LiveID::STAGE_INIT);
 } else {
        throw new Exception('Lost OAuth-WRAP Client State');
=======================================
--- /trunk/modules/cas/www/linkback.php Tue Jan 12 12:22:43 2010 UTC
+++ /trunk/modules/cas/www/linkback.php Fri Jan 24 16:36:54 2014 UTC
@@ -12,6 +12,12 @@
 if (!isset($_GET['ticket'])) {
        throw new SimpleSAML_Error_BadRequest('Missing ticket parameter.');
 }
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($stateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

$state = SimpleSAML_Auth_State::loadState($stateId, sspmod_cas_Auth_Source_CAS::STAGE_INIT);
 $state['cas:ticket'] = (string)$_GET['ticket'];
=======================================
--- /trunk/modules/casserver/www/login.php      Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/casserver/www/login.php      Fri Jan 24 16:36:54 2014 UTC
@@ -48,10 +48,8 @@
        'proxies' => array(),
        'validbefore' => time() + 5));

-SimpleSAML_Utilities::redirectUntrustedURL(
+SimpleSAML_Utilities::redirectTrustedURL(
        SimpleSAML_Utilities::addURLparameter($service,
                array('ticket' => $ticket)
        )
 );
-
-?>
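Review bot: Replacing redirectUntrustedURL() with redirectTrustedURL() here removes the `redirect.trustedsites` check for `$service`, and the hunk does not show where `$service` is validated. If it originates from a request parameter, it needs to pass checkURLAllowed() or the module's own service-URL check before this call, and a one-line comment such as `// $service was validated above against <the check used>` would make that reviewable. The same question applies to `$url`/`$to` in cdc/lib/Server.php (where the postRedirect() branch is not checked either), `$state['ReturnTo']` in core/www/bwc_resumeauth.php and `$url` in oauth/www/authorize.php.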
=======================================
--- /trunk/modules/cdc/lib/Server.php   Tue Jan 21 06:45:46 2014 UTC
+++ /trunk/modules/cdc/lib/Server.php   Fri Jan 24 16:36:54 2014 UTC
@@ -327,7 +327,7 @@

                $url = SimpleSAML_Utilities::addURLparameter($to, $params);
                if (strlen($url) < 2048) {
-                       SimpleSAML_Utilities::redirectUntrustedURL($url);
+                       SimpleSAML_Utilities::redirectTrustedURL($url);
                } else {
                        SimpleSAML_Utilities::postRedirect($to, $params);
                }
=======================================
--- /trunk/modules/cdc/www/resume.php   Mon Mar  7 13:26:39 2011 UTC
+++ /trunk/modules/cdc/www/resume.php   Fri Jan 24 16:36:54 2014 UTC
@@ -16,6 +16,12 @@
 if (!isset($response['id'])) {
        throw new SimpleSAML_Error_BadRequest('CDCResponse without id.');
 }
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($response['id']);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 $state = SimpleSAML_Auth_State::loadState($response['id'], 'cdc:resume');

=======================================
--- /trunk/modules/consent/www/getconsent.php   Wed Apr 25 07:14:34 2012 UTC
+++ /trunk/modules/consent/www/getconsent.php   Fri Jan 24 16:36:54 2014 UTC
@@ -31,6 +31,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 $state = SimpleSAML_Auth_State::loadState($id, 'consent:request');

 if (array_key_exists('core:SP', $state)) {
=======================================
--- /trunk/modules/consent/www/logout.php       Thu Aug 30 11:39:17 2012 UTC
+++ /trunk/modules/consent/www/logout.php       Fri Jan 24 16:36:54 2014 UTC
@@ -10,6 +10,13 @@
throw new SimpleSAML_Error_BadRequest('Missing required StateId query parameter.');
 }
 $id = (string)$_GET['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 $state = SimpleSAML_Auth_State::loadState($id, 'consent:request');

 $state['Responder'] = array('sspmod_consent_Logout', 'postLogout');
=======================================
--- /trunk/modules/consent/www/noconsent.php    Thu Aug 30 11:39:38 2012 UTC
+++ /trunk/modules/consent/www/noconsent.php    Fri Jan 24 16:36:54 2014 UTC
@@ -12,6 +12,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 $state = SimpleSAML_Auth_State::loadState($id, 'consent:request');

 $resumeFrom = SimpleSAML_Module::getModuleURL(
=======================================
--- /trunk/modules/core/lib/Auth/UserPassBase.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/core/lib/Auth/UserPassBase.php Fri Jan 24 16:36:54 2014 UTC
@@ -196,6 +196,12 @@
                assert('is_string($authStateId)');
                assert('is_string($username)');
                assert('is_string($password)');
+
+               // sanitize the input
+               $restartURL = 
SimpleSAML_Utilities::getURLFromStateID($authStateId);
+               if (!is_null($restartURL)) {
+                       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+               }

/* Here we retrieve the state array we saved in the authenticate-function. */
                $state = SimpleSAML_Auth_State::loadState($authStateId, 
self::STAGEID);
=======================================
--- /trunk/modules/core/lib/Auth/UserPassOrgBase.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/core/lib/Auth/UserPassOrgBase.php Fri Jan 24 16:36:54 2014 UTC
@@ -208,6 +208,12 @@
                assert('is_string($username)');
                assert('is_string($password)');
                assert('is_string($organization)');
+
+               // sanitize the input
+               $restartURL = 
SimpleSAML_Utilities::getURLFromStateID($authStateId);
+               if (!is_null($restartURL)) {
+                       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+               }

                /* Retrieve the authentication state. */
                $state = SimpleSAML_Auth_State::loadState($authStateId, 
self::STAGEID);
@@ -256,6 +262,12 @@
         */
        public static function listOrganizations($authStateId) {
                assert('is_string($authStateId)');
+
+               // sanitize the input
+               $restartURL = 
SimpleSAML_Utilities::getURLFromStateID($authStateId);
+               if (!is_null($restartURL)) {
+                       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+               }

                /* Retrieve the authentication state. */
                $state = SimpleSAML_Auth_State::loadState($authStateId, 
self::STAGEID);
=======================================
--- /trunk/modules/core/www/as_login.php        Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/core/www/as_login.php        Fri Jan 24 16:36:54 2014 UTC
@@ -19,7 +19,7 @@
  * Setting up the options for the requireAuth() call later..
  */
 $options = array(
-       'ReturnTo' => $_REQUEST['ReturnTo'],
+ 'ReturnTo' => SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']),
 );

 /*
@@ -29,10 +29,8 @@
 if (!empty($_REQUEST['saml:idp'])) {
        $options['saml:idp'] = $_REQUEST['saml:idp'];
 }
-
-

 $as = new SimpleSAML_Auth_Simple($_REQUEST['AuthId']);
 $as->requireAuth($options);

-SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['ReturnTo']);
+SimpleSAML_Utilities::redirectTrustedURL($options['ReturnTo']);
=======================================
--- /trunk/modules/core/www/as_logout.php       Fri Oct 16 11:04:44 2009 UTC
+++ /trunk/modules/core/www/as_logout.php       Fri Jan 24 16:36:54 2014 UTC
@@ -16,4 +16,4 @@
 }

 $as = new SimpleSAML_Auth_Simple($_REQUEST['AuthId']);
-$as->logout($_REQUEST['ReturnTo']);
+$as->logout(SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']));
=======================================
--- /trunk/modules/core/www/bwc_resumeauth.php  Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/core/www/bwc_resumeauth.php  Fri Jan 24 16:36:54 2014 UTC
@@ -20,7 +20,7 @@
 }

 if (isset($state['ReturnTo'])) {
-       SimpleSAML_Utilities::redirectUntrustedURL($state['ReturnTo']);
+       SimpleSAML_Utilities::redirectTrustedURL($state['ReturnTo']);
 }

 foreach ($session->getAuthState($authority) as $k => $v) {
=======================================
--- /trunk/modules/core/www/cleardiscochoices.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/core/www/cleardiscochoices.php Fri Jan 24 16:36:54 2014 UTC
@@ -26,12 +26,12 @@

 /* Find where we should go now. */
 if(array_key_exists('ReturnTo', $_REQUEST)) {
-       $returnTo = $_REQUEST['ReturnTo'];
+       $returnTo = 
SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']);
 } else {
/* Return to the front page if no other destination is given. This is the same as the base cookie path. */
        $returnTo = $cookiePath;
 }

 /* Redirect to destination. */
-SimpleSAML_Utilities::redirectUntrustedURL($returnTo);
+SimpleSAML_Utilities::redirectTrustedURL($returnTo);

=======================================
--- /trunk/modules/core/www/idp/logout-iframe-done.php Wed Mar 21 12:29:15 2012 UTC
+++ /trunk/modules/core/www/idp/logout-iframe-done.php Fri Jan 24 16:36:54 2014 UTC
@@ -4,6 +4,12 @@
        throw new SimpleSAML_Error_BadRequest('Missing required parameter: id');
 }
 $id = (string)$_REQUEST['id'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 $state = SimpleSAML_Auth_State::loadState($id, 'core:Logout-IFrame');
 $idp = SimpleSAML_IdP::getByState($state);
=======================================
--- /trunk/modules/core/www/idp/logout-iframe.php Mon Nov 25 16:04:44 2013 UTC
+++ /trunk/modules/core/www/idp/logout-iframe.php Fri Jan 24 16:36:54 2014 UTC
@@ -18,6 +18,12 @@
        SimpleSAML_Logger::stats('slo-iframe ' . $type);
SimpleSAML_Stats::log('core:idp:logout-iframe:page', array('type' => $type));
 }
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 $state = SimpleSAML_Auth_State::loadState($id, 'core:Logout-IFrame');
 $idp = SimpleSAML_IdP::getByState($state);
=======================================
--- /trunk/modules/core/www/idp/resumelogout.php Mon Apr 26 09:09:43 2010 UTC
+++ /trunk/modules/core/www/idp/resumelogout.php Fri Jan 24 16:36:54 2014 UTC
@@ -4,6 +4,12 @@
        throw new SimpleSAML_Error_BadRequest('Missing id-parameter.');
 }
 $id = (string)$_REQUEST['id'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 $state = SimpleSAML_Auth_State::loadState($id, 'core:Logout:afterbridge');
 $idp = SimpleSAML_IdP::getByState($state);
=======================================
--- /trunk/modules/core/www/login-admin.php     Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/core/www/login-admin.php     Fri Jan 24 16:36:54 2014 UTC
@@ -6,9 +6,8 @@
 if (!array_key_exists('ReturnTo', $_REQUEST)) {
        throw new SimpleSAML_Error_BadRequest('Missing ReturnTo parameter.');
 }
-$returnTo = $_REQUEST['ReturnTo'];

 SimpleSAML_Utilities::requireAdmin();

-SimpleSAML_Utilities::redirectUntrustedURL($returnTo);
+SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['ReturnTo']);

=======================================
--- /trunk/modules/core/www/loginuserpass.php   Wed Sep  4 11:12:48 2013 UTC
+++ /trunk/modules/core/www/loginuserpass.php   Fri Jan 24 16:36:54 2014 UTC
@@ -14,6 +14,12 @@
        throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
 }
 $authStateId = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($authStateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 /* Retrieve the authentication state. */
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_core_Auth_UserPassBase::STAGEID);
=======================================
--- /trunk/modules/core/www/loginuserpassorg.php Wed Sep 4 11:12:48 2013 UTC
+++ /trunk/modules/core/www/loginuserpassorg.php Fri Jan 24 16:36:54 2014 UTC
@@ -14,6 +14,12 @@
        throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
 }
 $authStateId = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($authStateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 /* Retrieve the authentication state. */
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_core_Auth_UserPassOrgBase::STAGEID);
=======================================
--- /trunk/modules/core/www/short_sso_interval.php Wed Mar 18 07:44:46 2009 UTC
+++ /trunk/modules/core/www/short_sso_interval.php Fri Jan 24 16:36:54 2014 UTC
@@ -12,6 +12,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 $state = SimpleSAML_Auth_State::loadState($id, 'core:short_sso_interval');

 if (array_key_exists('continue', $_REQUEST)) {
=======================================
--- /trunk/modules/discopower/lib/PowerIdPDisco.php Fri Jan 24 16:35:49 2014 UTC
+++ /trunk/modules/discopower/lib/PowerIdPDisco.php Fri Jan 24 16:36:54 2014 UTC
@@ -203,7 +203,7 @@

                        } else {
$this->log('Choice made [' . $idp . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
- SimpleSAML_Utilities::redirectUntrustedURL($this->returnURL, array($this->returnIdParam => $idp));
+ SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idp));
                        }

                        return;
@@ -211,7 +211,7 @@

                if ($this->isPassive) {
$this->log('Choice not made. (Redirecting the user back without answer)');
-                       
SimpleSAML_Utilities::redirectUntrustedURL($this->returnURL);
+                       
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL);
                        return;
                }

=======================================
--- /trunk/modules/exampleauth/lib/Auth/Source/External.php Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/exampleauth/lib/Auth/Source/External.php Fri Jan 24 16:36:54 2014 UTC
@@ -185,6 +185,12 @@
                        throw new SimpleSAML_Error_BadRequest('Missing "State" 
parameter.');
                }
                $stateId = (string)$_REQUEST['State'];
+
+               // sanitize the input
+               $restartURL = SimpleSAML_Utilities::getURLFromStateID($stateId);
+               if (!is_null($restartURL)) {
+                       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+               }

                /*
* Once again, note the second parameter to the loadState function. This must
=======================================
--- /trunk/modules/exampleauth/www/authpage.php Fri Jul 30 08:40:15 2010 UTC
+++ /trunk/modules/exampleauth/www/authpage.php Fri Jan 24 16:36:54 2014 UTC
@@ -14,7 +14,7 @@
        die('Missing ReturnTo parameter.');
 }

-$returnTo = $_REQUEST['ReturnTo'];
+$returnTo = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']);


 /*
@@ -31,6 +31,13 @@
        die('Invalid ReturnTo URL for this example.');
 }
 $stateId = urldecode($matches[1]);
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($stateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 SimpleSAML_Auth_State::loadState($stateId, 'exampleauth:External');

 /*
@@ -87,8 +94,7 @@
                $_SESSION['mail'] = $user['mail'];
                $_SESSION['type'] = $user['type'];

-               header('Location: ' . $returnTo);
-               exit();
+               SimpleSAML_Utilities::redirectTrustedURL($returnTo);
        }
 }

=======================================
--- /trunk/modules/exampleauth/www/redirecttest.php Mon Aug 18 11:38:10 2008 UTC
+++ /trunk/modules/exampleauth/www/redirecttest.php Fri Jan 24 16:36:54 2014 UTC
@@ -13,6 +13,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
$state = SimpleSAML_Auth_State::loadState($id, 'exampleauth:redirectfilter-test');

 $state['Attributes']['RedirectTest2'] = array('OK');
=======================================
--- /trunk/modules/expirycheck/www/about2expire.php Tue Nov 8 08:30:30 2011 UTC
+++ /trunk/modules/expirycheck/www/about2expire.php Fri Jan 24 16:36:54 2014 UTC
@@ -14,6 +14,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
$state = SimpleSAML_Auth_State::loadState($id, 'expirywarning:about2expire');


=======================================
--- /trunk/modules/expirycheck/www/expired.php  Tue Nov  8 08:30:30 2011 UTC
+++ /trunk/modules/expirycheck/www/expired.php  Fri Jan 24 16:36:54 2014 UTC
@@ -14,6 +14,13 @@
 }

 $id = $_REQUEST['StateId'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($id);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
 $state = SimpleSAML_Auth_State::loadState($id, 'expirywarning:expired');

 $globalConfig = SimpleSAML_Configuration::getInstance();
=======================================
--- /trunk/modules/multiauth/www/selectsource.php Thu Sep 13 08:12:12 2012 UTC
+++ /trunk/modules/multiauth/www/selectsource.php Fri Jan 24 16:36:54 2014 UTC
@@ -15,6 +15,12 @@
        throw new SimpleSAML_Error_BadRequest('Missing AuthState parameter.');
 }
 $authStateId = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($authStateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}

 /* Retrieve the authentication state. */
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_multiauth_Auth_Source_MultiAuth::STAGEID);
=======================================
--- /trunk/modules/negotiate/www/backend.php    Thu Mar  8 14:08:03 2012 UTC
+++ /trunk/modules/negotiate/www/backend.php    Fri Jan 24 16:36:54 2014 UTC
@@ -10,6 +10,13 @@
  */

 $authStateId = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($authStateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_negotiate_Auth_Source_Negotiate::STAGEID);
 SimpleSAML_Logger::debug('backend - fallback: '.$state['LogoutState']['negotiate:backend']);

=======================================
--- /trunk/modules/negotiate/www/retry.php      Thu Mar  8 14:08:03 2012 UTC
+++ /trunk/modules/negotiate/www/retry.php      Fri Jan 24 16:36:54 2014 UTC
@@ -10,6 +10,13 @@
  */

 $authStateId = $_REQUEST['AuthState'];
+
+// sanitize the input
+$restartURL = SimpleSAML_Utilities::getURLFromStateID($authStateId);
+if (!is_null($restartURL)) {
+       SimpleSAML_Utilities::checkURLAllowed($restartURL);
+}
+
$state = SimpleSAML_Auth_State::loadState($authStateId, sspmod_negotiate_Auth_Source_Negotiate::STAGEID);

$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
=======================================
--- /trunk/modules/oauth/www/authorize.php      Fri Jan 17 15:40:02 2014 UTC
+++ /trunk/modules/oauth/www/authorize.php      Fri Jan 24 16:36:54 2014 UTC
@@ -56,7 +56,7 @@

        if ($url) {
                // If authorize() returns a URL, take user there (oauth1.0a)
-               SimpleSAML_Utilities::redirectUntrustedURL($url);
+               SimpleSAML_Utilities::redirectTrustedURL($url);
        }
        else if (isset($_REQUEST['oauth_callback'])) {
                // If callback was provided in the request (oauth1.0)
=======================================
***Additional files exist in this changeset.***
