Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Backport of fixes from SA-CORE-2018-002
- Loading branch information
Showing
with
55 additions
and
0 deletions.
-
+55
−0
includes/bootstrap.inc
|
@@ -1142,6 +1142,7 @@ function _drupal_bootstrap($phase) { |
|
|
timer_start('page'); |
|
|
// Initialize the configuration |
|
|
conf_init(); |
|
|
_drupal_bootstrap_sanitize_request(); |
|
|
break; |
|
|
|
|
|
case DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE: |
|
@@ -1603,3 +1604,57 @@ function filter_xss_bad_protocol($string, $decode = TRUE) { |
|
|
} while ($before != $string); |
|
|
return check_plain($string); |
|
|
} |
|
|
|
|
|
/** |
|
|
* Sanitizes unsafe keys from the request. |
|
|
*/ |
|
|
function _drupal_bootstrap_sanitize_request() { |
|
|
global $conf; |
|
|
static $sanitized; |
|
|
|
|
|
if (!$sanitized) { |
|
|
// Ensure the whitelist array exists. |
|
|
if (!isset($conf['sanitize_input_whitelist']) || !is_array($conf['sanitize_input_whitelist'])) { |
|
|
$conf['sanitize_input_whitelist'] = array(); |
|
|
} |
|
|
|
|
|
$sanitized_keys = _drupal_bootstrap_sanitize_input($_GET, $conf['sanitize_input_whitelist']); |
|
|
$sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($_POST, $conf['sanitize_input_whitelist'])); |
|
|
$sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($_REQUEST, $conf['sanitize_input_whitelist'])); |
|
|
$sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($_COOKIE, $conf['sanitize_input_whitelist'])); |
|
|
$sanitized_keys = array_unique($sanitized_keys); |
|
|
|
|
|
if (count($sanitized_keys) && !empty($conf['sanitize_input_logging'])) { |
|
|
trigger_error(check_plain(sprintf('Potentially unsafe keys removed from request parameters: %s', implode(', ', $sanitized_keys)), E_USER_WARNING)); |
|
|
} |
|
|
|
|
|
$sanitized = TRUE; |
|
|
} |
|
|
} |
|
|
|
|
|
/** |
|
|
* Sanitizes unsafe keys from user input. |
|
|
* |
|
|
* @param mixed $input |
|
|
* Input to sanitize. |
|
|
* @param array $whitelist |
|
|
* Whitelist of values. |
|
|
* @return array |
|
|
*/ |
|
|
function _drupal_bootstrap_sanitize_input(&$input, $whitelist = array()) { |
|
|
$sanitized_keys = array(); |
|
|
|
|
|
if (is_array($input)) { |
|
|
foreach ($input as $key => $value) { |
|
|
if ($key !== '' && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) { |
|
|
unset($input[$key]); |
|
|
$sanitized_keys[] = $key; |
|
|
} |
|
|
elseif (is_array($input[$key])) { |
|
|
$sanitized_keys = array_merge($sanitized_keys, _drupal_bootstrap_sanitize_input($input[$key], $whitelist)); |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
return $sanitized_keys; |
|
|
} |