adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-01-18 10:36:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Removing Session deletion of nonce token on blackhole. Fixes possible CSRF risk from multiple submissions of the same invalid data. Refs #214

Browse source
This commit is contained in:
Mark Story 2010-01-26 13:59:26 -05:00
parent c195d654b3
commit fc304056a3
2 changed files with 17 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cake/libs/controller/components/security.php
View file

@ -381,8 +381,6 @@ class SecurityComponent extends Object {
* @see SecurityComponent::$blackHoleCallback
*/
function blackHole(&$controller, $error = '') {
$this->Session->del('_Token');
if ($this->blackHoleCallback == null) {
$code = 404;
if ($error == 'login') {

20
cake/tests/cases/libs/controller/components/security.test.php
View file

@ -237,16 +237,16 @@ class SecurityComponentTest extends CakeTestCase {
$this->Controller->Security->startup($this->Controller);
$this->assertTrue($this->Controller->failed);
$this->Controller->Session->write('_Token', array('allowedControllers' => array()));
$this->Controller->Session->write('_Token', serialize(array('allowedControllers' => array())));
$this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
$this->Controller->action = 'posted';
$this->Controller->Security->requireAuth('posted');
$this->Controller->Security->startup($this->Controller);
$this->assertTrue($this->Controller->failed);
$this->Controller->Session->write('_Token', array(
$this->Controller->Session->write('_Token', serialize(array(
'allowedControllers' => array('SecurityTest'), 'allowedActions' => array('posted2')
));
)));
$this->Controller->data = array('username' => 'willy', 'password' => 'somePass');
$this->Controller->action = 'posted';
$this->Controller->Security->requireAuth('posted');
@ -1145,5 +1145,19 @@ DIGEST;
$this->Controller->Security->startup($this->Controller);
$this->assertEqual($this->Controller->params['_Token']['key'], $key);
}
/**
* test that blackhole doesn't delete the _Token session key so repeat data submissions
* stay blackholed.
*
* @link http://cakephp.lighthouseapp.com/projects/42648/tickets/214
* @return void
*/
function testBlackHoleNotDeletingSessionInformation() {
$this->Controller->Security->startup($this->Controller);
$this->Controller->Security->blackHole($this->Controller, 'auth');
$this->assertTrue($this->Controller->Security->Session->check('_Token'), '_Token was deleted by blackHole %s');
}
}
?>