From b43128c809ec4d404ad7ff1883cba122a7d91f04 Mon Sep 17 00:00:00 2001
From: AD7six
Date: Fri, 14 Nov 2008 09:07:22 +0000
Subject: [PATCH] Ensuring that the auth component never redirects to an external link. Tests updated to match code changes and tests added for external referer examples

git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@7874 3807eeeb-6ff5-0310-8944-8be069107fe0
---
 cake/libs/controller/components/auth.php | 2 +-
 .../libs/controller/components/auth.test.php | 28 +++++++++++++++++--
 2 files changed, 27 insertions(+), 3 deletions(-)

diff --git a/cake/libs/controller/components/auth.php b/cake/libs/controller/components/auth.php
index db3b2f8e4..581f0019f 100644
--- a/cake/libs/controller/components/auth.php
+++ b/cake/libs/controller/components/auth.php
@@ -309,7 +309,7 @@ class AuthComponent extends Object {
 if ($loginAction == $url) {
 if (empty($controller->data) || !isset($controller->data[$this->userModel])) {
 if (!$this->Session->check('Auth.redirect') && env('HTTP_REFERER')) {
- $this->Session->write('Auth.redirect', $controller->referer());
+ $this->Session->write('Auth.redirect', $controller->referer(null, true));
 }
 return false;
 }
diff --git a/cake/tests/cases/libs/controller/components/auth.test.php b/cake/tests/cases/libs/controller/components/auth.test.php
index d9c094856..31615f327 100644
--- a/cake/tests/cases/libs/controller/components/auth.test.php
+++ b/cake/tests/cases/libs/controller/components/auth.test.php
@@ -717,7 +717,7 @@ class AuthTest extends CakeTestCase {
 $this->Controller->Session->del('Auth');
- $_SERVER['HTTP_REFERER'] = '/admin/';
+ $_SERVER['HTTP_REFERER'] = Router::url('/admin/', true);
 $this->Controller->Session->write('Auth', array(
 'AuthUser' => array('id'=>'1', 'username'=>'nate'))
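Review bot: The second argument in `$controller->referer(null, true)` is the entire fix, and nothing on the line says so; a comment such as `// local-only: HTTP_REFERER is supplied by the client, so an off-site referer must never become the post-login redirect target` above the write would stop a later cleanup from reverting it to `referer()`. The enclosing method (presumably `startup()`, going by how the tests drive it) begins and ends outside the hunk. Because `Auth.redirect` is consumed later by `redirect()`, which is not shown, and sessions issued before this change may already hold an external value, restricting the value at read time as well would make the protection independent of which code path wrote the key; confirm that against `redirect()`.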
@@ -728,7 +728,7 @@ class AuthTest extends CakeTestCase {
 $this->Controller->Auth->userModel = 'AuthUser';
 $this->Controller->Auth->loginRedirect = false;
 $this->Controller->Auth->startup($this->Controller);
- $expected = Router::normalize('admin');
+ $expected = Router::normalize('/admin');
 $this->assertEqual($expected, $this->Controller->Auth->redirect());
 //Ticket #4750
@@ -754,6 +754,30 @@ class AuthTest extends CakeTestCase {
 $expected = Router::normalize('posts/view/1');
 $this->assertEqual($expected, $this->Controller->Session->read('Auth.redirect'));
+ //external authed action
+ $_SERVER['HTTP_REFERER'] = 'http://webmail.example.com/view/message';
+ $this->Controller->Session->del('Auth');
+ $url = '/posts/edit/1';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
+ $this->Controller->Auth->userModel = 'AuthUser';
+ $this->Controller->Auth->startup($this->Controller);
+ $expected = Router::normalize('/posts/edit/1');
+ $this->assertEqual($expected, $this->Controller->Session->read('Auth.redirect'));
+
+ //external direct login link
+ $_SERVER['HTTP_REFERER'] = 'http://webmail.example.com/view/message';
+ $this->Controller->Session->del('Auth');
+ $url = '/AuthTest/login';
+ $this->Controller->params = Router::parse($url);
+ $this->Controller->Auth->initialize($this->Controller);
+ $this->Controller->Auth->loginAction = array('controller' => 'AuthTest', 'action' => 'login');
+ $this->Controller->Auth->userModel = 'AuthUser';
+ $this->Controller->Auth->startup($this->Controller);
+ $expected = Router::normalize('/');
+ $this->assertEqual($expected, $this->Controller->Session->read('Auth.redirect'));
+
+ $_SERVER['HTTP_REFERER'] = $backup;
 $this->Controller->Session->del('Auth');
 }
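Review bot: Both new cases in the `-754` hunk repeat the same eight setup lines and differ only in `$url` and the expected value, so a private helper in the test case that takes the requested URL, runs `initialize`/`startup`, and returns `Session->read('Auth.redirect')` would cut the duplication and make further referer variants one-liners; the enclosing test method begins outside the hunk. Both cases also use the same absolute `http://` referer, so the claim that external referers are discarded rests on one form; a case whose referer host merely shares a prefix with the application's own host would pin the boundary more precisely, though how `referer(null, true)` classifies it is not visible here. The comment `//external authed action` suggests the referer is what is asserted, yet the value asserted is the requested `/posts/edit/1`, not anything derived from the referer; `//external referer on a protected action: the requested URL is what ends up in Auth.redirect` states what the assertion checks.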