Merge pull request #11503 from chinpei215/fix-non-local-referer

Fix Request::referer(true) returning scheme-relative URLs
cakephp · Dec 4, 2017 · df62120 · df62120
2 parents 758e12b + dc55988
commit df62120
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/src/Http/ServerRequest.php b/src/Http/ServerRequest.php
@@ -576,7 +576,7 @@ public function referer($local = false)
         if (!empty($ref) && !empty($base)) {
             if ($local && strpos($ref, $base) === 0) {
                 $ref = substr($ref, strlen($base));
-                if (!strlen($ref)) {
+                if (!strlen($ref) || strpos($ref, '//') === 0) {
                     $ref = '/';
                 }
                 if ($ref[0] !== '/') {

diff --git a/tests/TestCase/Http/ServerRequestTest.php b/tests/TestCase/Http/ServerRequestTest.php
@@ -723,6 +723,9 @@ public function testReferer()
         $result = $request->referer();
         $this->assertSame('http://cakephp.org', $result);
 
+        $result = $request->referer(true);
+        $this->assertSame('/', $result);
+
         $request->env('HTTP_REFERER', '');
         $result = $request->referer();
         $this->assertSame('/', $result);
@@ -731,6 +734,10 @@ public function testReferer()
         $result = $request->referer(true);
         $this->assertSame('/some/path', $result);
 
+        $request->env('HTTP_REFERER', Configure::read('App.fullBaseUrl') . '///cakephp.org/');
+        $result = $request->referer(true);
+        $this->assertSame('/', $result); // Avoid returning scheme-relative URLs.
+
         $request->env('HTTP_REFERER', Configure::read('App.fullBaseUrl') . '/0');
         $result = $request->referer(true);
         $this->assertSame('/0', $result);