Commit fc793f8

Security fix: prevent cache poisoning with the Referer header.
See [security advisory](GHSA-g4c2-ghfg-g5rh).
1 parent b9f97cb commit fc793f8

2 files changed

+11
-4
lines changed

Diff for: Products/ATContentTypes/skins/ATContentTypes/image_view_fullscreen.pt

+8-4
@@ -46,15 +46,19 @@
4646
<body>
4747

4848
<div id="content-core">
49+
<tal:block define="referer request/HTTP_REFERER;
50+
url_tool nocall:context/portal_url;
51+
referer python:referer if referer and url_tool.isURLInPortal(referer) else '';">
4952
<a href=""
50-
tal:attributes="href request/HTTP_REFERER"
51-
tal:condition="request/HTTP_REFERER"
53+
tal:attributes="href referer"
54+
tal:condition="referer"
5255
><span i18n:translate="label_back_to_site">Back to site</span><br /><tal:block replace="structure context/tag" /></a>
5356

5457
<a href=""
55-
tal:attributes="href context/portal_url"
56-
tal:condition="not: request/HTTP_REFERER"
58+
tal:attributes="href python:url_tool()"
59+
tal:condition="not: referer"
5760
><span i18n:translate="label_home">Home</span><br /><tal:block replace="structure context/tag" /></a>
61+
</tal:block>
5862
</div>
5963

6064
</body>
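Review bot: the new `define` still reads `request/HTTP_REFERER` unguarded, exactly as the old `tal:condition` did; if path traversal raises for a missing header instead of yielding None, the `referer if referer and url_tool.isURLInPortal(referer) else ''` guard never runs and the view errors out, so spelling the first definition as `referer request/HTTP_REFERER | nothing;` would make the no-header case explicit rather than relying on request behaviour. The substance of the fix is right: only a Referer that `url_tool.isURLInPortal` accepts reaches `tal:attributes="href referer"`, any other value collapses to `''`, and the `not: referer` branch then renders the Home link built from `url_tool()` instead, so a cached copy of this page can no longer carry a caller-supplied URL in the "Back to site" link. A one-line `tal:comment` next to the define saying why the header is validated would help the next maintainer who sees the check and is tempted to simplify it away.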

Diff for: news/1.bugfix

+3
@@ -0,0 +1,3 @@
1+
Security fix: prevent cache poisoning with the Referer header.
2+
See `security advisory <https://github.com/plone/Products.ATContentTypes/security/advisories/GHSA-g4c2-ghfg-g5rh>`.
3+
[maurits]
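Review bot: the reStructuredText hyperlink on the second line is not closed: `` `security advisory <https://...GHSA-g4c2-ghfg-g5rh>` `` ends in a bare backtick, which renders as interpreted text rather than a link; it needs the trailing underscore form `` `security advisory <...>`__ `` for the changelog to link to the advisory.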
