Fixing issue where SecurityComponent::_validatePost could generate no…
…tices if elements were removed from _Token array.

Tests Added
Fixed #228
markstory committed Nov 8, 2009
1 parent 82a2b1a commit a7a6dc8
Showing 2 changed files with 26 additions and 1 deletion.
2 changes: 1 addition & 1 deletion cake/libs/controller/components/security.php
@@ -545,7 +545,7 @@ function _validatePost(&$controller) {
}
$data = $controller->data;

if (!isset($data['_Token']) || !isset($data['_Token']['fields'])) {
if (!isset($data['_Token']) || !isset($data['_Token']['fields']) || !isset($data['_Token']['key'])) {
return false;
}
$token = $data['_Token']['key'];
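Review bot: The widened guard in `_validatePost` checks only that `_Token.fields` and `_Token.key` are set, not that they are strings, and both values come straight from request data. A posted array value passes `isset()` and reaches `$token = $data['_Token']['key'];` unchanged, so the code after the hunk (not visible here) may still raise notices or compare against an array. Consider adding `|| !is_string($data['_Token']['fields']) || !is_string($data['_Token']['key'])` to the same condition. The three `isset()` calls can also be written as one, `!isset($data['_Token']['fields'], $data['_Token']['key'])`, because isset on the nested keys already covers `_Token` itself. The body of `_validatePost` starts and ends outside the hunk.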
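--- a/cake/tests/cases/libs/controller/components/security.test.php
+++ b/cake/tests/cases/libs/controller/components/security.test.php
@@ -527,6 +527,31 @@ function testValidatePost() {
 );
 $this->assertTrue($this->Controller->Security->validatePost($this->Controller));
 }
+/**
+* test that validatePost fails if any of its required fields are missing.
+*
+* @return void
+**/
+function testValidatePostFormHacking() {
+$this->Controller->Security->startup($this->Controller);
+$key = $this->Controller->params['_Token']['key'];
+$fields = 'a5475372b40f6e3ccbf9f8af191f20e1642fd877%3An%3A1%3A%7Bv%3A0%3B';
+$fields .= 'f%3A11%3A%22Zbqry.inyvq%22%3B%7D';
+
+$this->Controller->data = array(
+'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
+'_Token' => compact('key')
+);
+$result = $this->Controller->Security->validatePost($this->Controller);
+$this->assertFalse($result, 'validatePost passed when fields were missing. %s');
+
+$this->Controller->data = array(
+'Model' => array('username' => 'nate', 'password' => 'foo', 'valid' => '0'),
+'_Token' => compact('fields')
+);
+$result = $this->Controller->Security->validatePost($this->Controller);
+$this->assertFalse($result, 'validatePost passed when key was missing. %s');
+}
 /**
 * Tests validation of checkbox arrays
 *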
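Review bot: `testValidatePostFormHacking` covers a `_Token` array missing `fields` and one missing `key`, but not a request with no `_Token` at all, or one where the entries are present as non-strings, which posted form data can also produce. A third case such as `'_Token' => array('key' => $key, 'fields' => array())` followed by `$this->assertFalse($result, 'validatePost passed when fields was not a string. %s');` would pin that behaviour. Whether the component currently rejects such input cannot be told from this page. The docblock could also say that the test guards against notices raised by tampered token data, since that is the bug being fixed.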