
Replace http:// with hxxp:// in src parameter to trick mod_security

apeschar committed Jan 23, 2020
1 parent 73f0d7d commit 6d6896f379f24f0fdf4132d8bd243e217d0c6702
@@ -60,7 +60,7 @@ function processNode(el) {
var originalSrc = el.src;

el.src = config.serviceUrl +
'&src=' + encodeURIComponent(originalSrc) +
'&src=' + encodeURIComponent(originalSrc.replace(/^http/, 'hxxp')) +
'&cacheMarker=' + encodeURIComponent(cacheMarker);

return function () {
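Review bot: The scheme rewrite on the `'&src=' + encodeURIComponent(originalSrc.replace(/^http/, 'hxxp'))` line is an undocumented cross-component contract — the value only works if the service's request parser turns `hxxp` back into `http`, and nothing at this call site says so. Add a comment such as `// 'hxxp' is restored to 'http' in ServiceRequest::fromHTTPRequest; the rewrite keeps a mod_security rule from rejecting URLs in the query string` so the next maintainer does not "fix" it back. Any other consumer of the `src` parameter (access logs, cache keys, a service reached without this script) now sees a non-URL scheme, so the server-side decode has to stay the first thing applied to `src`. processNode starts before this hunk and continues after it.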
@@ -69,6 +69,9 @@ public static function setDefaultSerializationMode($mode) {

public static function fromHTTPRequest(Request $request) {
$params = $request->getGet();
if (isset($params['src'])) {
$params['src'] = preg_replace('~^hxxp(?=s?://)~', 'http', $params['src']);
}
$pathInfo = $request->getPathInfo();
if ($pathInfo) {
$params = array_merge($params, self::parsePathInfo($pathInfo));
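Review bot: The added `preg_replace` on the `src` line is applied to whatever `getGet()` returns for that key; if `src` arrives as an array (`src[]=...`) `preg_replace` returns an array rather than a string, so the normalised value is not guaranteed to be a string for whatever later consumes it — `if (isset($params['src']) && is_string($params['src'])) {` keeps the rewrite to the case it was written for. The reason for the `hxxp` scheme lives only in the commit message; a comment above the `if` such as `// The client sends hxxp:// instead of http:// because a mod_security rule rejects URLs in the query string; restore the real scheme before anything else reads src` would stop it being removed as dead code. Since this is the point where `src` becomes a real URL again, it is also the natural place to restrict it to the schemes the service is meant to handle rather than relying on the WAF, which this change deliberately sidesteps; a targeted rule exclusion for this one parameter on the mod_security side is the more durable fix. fromHTTPRequest continues past the end of the hunk.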
@@ -279,7 +279,6 @@ public function testSettingDefaultSerializationMode() {
$this->assertEquals((string)$url, $querySerialization);
}


private function checkRequest(ServiceRequest $request, $expectedQuery, $expectedPath) {
$actualQuery = $request->serialize(ServiceRequest::FORMAT_QUERY);
$actualPath = $request->serialize(ServiceRequest::FORMAT_PATH);
@@ -288,4 +287,14 @@ private function checkRequest(ServiceRequest $request, $expectedQuery, $expected
$this->assertEquals($expectedPath, $actualPath);
}

public function testHxxp() {
$request = Request::fromArray(['src' => 'hxxp://yolo']);
$serviceRequest = ServiceRequest::fromHTTPRequest($request);
$this->assertEquals('http://yolo', $serviceRequest->getParams()['src']);

$request = Request::fromArray(['src' => 'hxxps://yolo']);
$serviceRequest = ServiceRequest::fromHTTPRequest($request);
$this->assertEquals('https://yolo', $serviceRequest->getParams()['src']);
}

}
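Review bot: testHxxp only pins the two rewrite cases; it does not assert that a plain `http://` or `https://` value passes through unchanged, nor that `hxxp` not followed by `://` is left alone, which is exactly what the lookahead in the pattern exists for. Add e.g. `$this->assertEquals('http://yolo', ServiceRequest::fromHTTPRequest(Request::fromArray(['src' => 'http://yolo']))->getParams()['src']);` and a case such as `'hxxpfoo'` expected unchanged, so a later edit to the regex cannot silently widen it. A name that states the behaviour, e.g. `testHxxpSchemeIsRestoredToHttp`, would also read better in the test report than `testHxxp`.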
