
SECURITY: Интерфейс администратора: перенаправление на страницу автор…

…изации при отсутствии HTTP-заголовка 'Referer' или его несовпадении с адресом магазина

git-svn-id: http://subversion.assembla.com/svn/ocstoreru@367 44b37dae-b762-45cd-8c5e-82695f3631dd
commit 83122d48faf3c1e3571c0749503975d696479ba1 1 parent e4d2ade
authored Sammy95 committed
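--- a/branches/v0.2.x/admin/controller/common/home.php
+++ b/branches/v0.2.x/admin/controller/common/home.php
@@ -232,6 +232,11 @@ public function login() {
 			return $this->forward('common/login');
 		}
 
+		if (!isset($this->request->server['HTTP_REFERER']) or strncasecmp($this->request->server['HTTP_REFERER'], HTTP_SERVER, strlen(HTTP_SERVER))!==0
+			 or strncasecmp($this->request->server['HTTP_REFERER'], HTTPS_SERVER, strlen(HTTPS_SERVER))!==0) {
+			return $this->forward('common/login');
+		}
+
 		if (isset($this->request->get['route'])) {
 			$route = '';
 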
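Review bot: The new condition on lines 235–236 forwards every request to the login page, not only those with a foreign Referer: a Referer that matches HTTP_SERVER fails the HTTPS_SERVER comparison and vice-versa, so whenever the two constants differ one of the two `!== 0` terms is true and the `or` makes the whole test succeed. The Referer should be rejected only when it matches neither prefix, so the two comparisons belong inside their own parentheses joined with `&&`: `if (!isset($this->request->server['HTTP_REFERER']) || (strncasecmp($this->request->server['HTTP_REFERER'], HTTP_SERVER, strlen(HTTP_SERVER)) !== 0 && strncasecmp($this->request->server['HTTP_REFERER'], HTTPS_SERVER, strlen(HTTPS_SERVER)) !== 0)) {` — the mirror image of the `=== 0 or === 0` form this same commit uses in login.php. Two caveats are worth a comment above the block: the prefix comparison is only as strict as the constants (without a trailing slash in HTTP_SERVER/HTTPS_SERVER any URL that merely begins with the same characters passes), and browsers may omit Referer entirely under privacy settings or a Referrer-Policy, which will bounce legitimate administrators back to the login form, so this check should be treated as defence in depth alongside the session-token comparison seen in login.php rather than as the primary CSRF control. The enclosing `login()` method starts and ends outside the hunk.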
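--- a/branches/v0.2.x/admin/controller/common/login.php
+++ b/branches/v0.2.x/admin/controller/common/login.php
@@ -7,7 +7,9 @@ public function index() {
 
 		$this->document->title = $this->language->get('heading_title');
 
-		if ($this->user->isLogged() && isset($this->request->get['token']) && ($this->request->get['token'] == $this->session->data['token'])) {
+		if ($this->user->isLogged() && isset($this->request->get['token']) && ($this->request->get['token'] == $this->session->data['token'])
+			 && isset($this->request->server['HTTP_REFERER']) && (strncasecmp($this->request->server['HTTP_REFERER'], HTTP_SERVER, strlen(HTTP_SERVER))===0
+			 or strncasecmp($this->request->server['HTTP_REFERER'], HTTPS_SERVER, strlen(HTTPS_SERVER))===0)) {
 			$this->redirect(HTTPS_SERVER . 'index.php?route=common/home&token=' . $this->session->data['token']);
 		}
 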
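Review bot: The rewritten condition on line 10 still compares the session token with loose `==`, so two numeric-looking strings are compared as numbers and the comparison is not constant-time; where the runtime provides it the test should read `hash_equals((string) $this->session->data['token'], (string) $this->request->get['token'])`, or at minimum use `===`. The Referer prefix test added on lines 11–12 is repeated almost verbatim in home.php's `login()` in this commit, and the negated copy there gets the operator wrong; a small shared helper returning bool ("Referer starts with HTTP_SERVER or HTTPS_SERVER") would keep both call sites in step and make the intent readable. Mixing `&&` with `or` in one expression also relies on readers knowing that `or` binds looser than `&&`; the parentheses make it correct here, but `||` would be plainer. The enclosing `index()` method starts before the hunk and continues past it.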
