YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

[fix] CVE-2018-11347 http header injection

Browse source
This commit is contained in:
Laurent Peuch 2018-12-06 23:21:13 +01:00
parent 61035e3c27
commit 253cde4b9a
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
helpers.lua
View file

@ -910,6 +910,14 @@ function login()
-- Forward the `r` URI argument if it exists to redirect -- Forward the `r` URI argument if it exists to redirect
-- the user properly after a successful login. -- the user properly after a successful login.
if uri_args.r then if uri_args.r then
-- If `uri_args.r` contains line break, someone is probably trying to
-- pass some additional headers
if string.match(uri_args.r, "(.*)\n") then
flash("fail", t("redirection_error_invalid_url"))
ngx.log(ngx.ERR, "Redirection url is invalid")
return redirect(conf.portal_url)
end
return redirect(conf.portal_url.."?r="..uri_args.r) return redirect(conf.portal_url.."?r="..uri_args.r)
else else
return redirect(conf.portal_url) return redirect(conf.portal_url)