
SECURITY: Интерфейс администратора: перенаправление на страницу авторизации при отсутствии HTTP-заголовка 'Referer' или его несовпадении с адресом магазина

git-svn-id: http://subversion.assembla.com/svn/ocstoreru@367 44b37dae-b762-45cd-8c5e-82695f3631dd
1 parent e4d2ade commit 83122d48faf3c1e3571c0749503975d696479ba1 Sammy95 committed with Sammy95 Apr 16, 2012
@@ -232,6 +232,11 @@ public function login() {
return $this->forward('common/login');
}
+ if (!isset($this->request->server['HTTP_REFERER']) or strncasecmp($this->request->server['HTTP_REFERER'], HTTP_SERVER, strlen(HTTP_SERVER))!==0
+ or strncasecmp($this->request->server['HTTP_REFERER'], HTTPS_SERVER, strlen(HTTPS_SERVER))!==0) {
+ return $this->forward('common/login');
+ }
+
if (isset($this->request->get['route'])) {
$route = '';
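Review bot: The new condition on lines 14–15 joins the two prefix mismatches with `or`, so it is true whenever the Referer fails to match either constant — and a single URL can start with only one of `HTTP_SERVER`/`HTTPS_SERVER` unless the two are identical, so on any install where they differ every request is forwarded to `common/login`. The second hunk gets the same test right (`===0 or ===0` nested inside a `&&`); the mismatch form here needs a conjunction: `|| (strncasecmp($this->request->server['HTTP_REFERER'], HTTP_SERVER, strlen(HTTP_SERVER)) !== 0 && strncasecmp($this->request->server['HTTP_REFERER'], HTTPS_SERVER, strlen(HTTPS_SERVER)) !== 0)`. A prefix compare is only a same-origin check if the constants end with a `/`; otherwise a referer from a host that merely begins with the shop's host name would pass, which applies to both hunks. Treating a missing Referer as hostile also bounces admins who open the panel directly or whose browser suppresses the header; a common alternative is to reject only when a Referer is present and foreign. The enclosing `login()` starts and ends outside the hunk.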
@@ -7,7 +7,9 @@ public function index() {
$this->document->title = $this->language->get('heading_title');
- if ($this->user->isLogged() && isset($this->request->get['token']) && ($this->request->get['token'] == $this->session->data['token'])) {
+ if ($this->user->isLogged() && isset($this->request->get['token']) && ($this->request->get['token'] == $this->session->data['token'])
+ && isset($this->request->server['HTTP_REFERER']) && (strncasecmp($this->request->server['HTTP_REFERER'], HTTP_SERVER, strlen(HTTP_SERVER))===0
+ or strncasecmp($this->request->server['HTTP_REFERER'], HTTPS_SERVER, strlen(HTTPS_SERVER))===0)) {
$this->redirect(HTTPS_SERVER . 'index.php?route=common/home&token=' . $this->session->data['token']);
}
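Review bot: The rewritten condition on lines 24–26 still compares the session token with the loose `==` operator, so two different token strings that PHP treats as numerically equal would pass (strings of the form `1e3` and `1000` compare equal); since the line is being rewritten anyway, use `===` (or `hash_equals()` on PHP ≥ 5.6): `$this->request->get['token'] === $this->session->data['token']`. Mixing `&&` and `or` in one expression is also a readability hazard, because `or` binds more loosely than `&&`; the parentheses make it correct here, but `||` would match the rest of the expression. With the Referer now required for the redirect, an already-logged-in admin who opens the login page without one is shown the login form instead of being sent to home — presumably intended, but worth a one-line comment above the `if`. The enclosing `index()` starts before the hunk and continues past it.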

