From 74b5e22a684c3095dbd48b56da1a10d955c20305 Mon Sep 17 00:00:00 2001
From: Frank Karlitschek
Date: Thu, 26 Apr 2012 23:17:46 +0200
Subject: some more csrf fixes
---
 lib/util.php | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'lib')
diff --git a/lib/util.php b/lib/util.php
index ec70fd91cb5..29d0691a63d 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -253,6 +253,9 @@ class OC_Util {
 } else {
 $parameters["username"] = '';
 }
+ $sectoken=rand(1000000,9999999);
+ $_SESSION['sectoken']=$sectoken;
+ $parameters["sectoken"] = $sectoken;
 OC_Template::printGuestPage("", "login", $parameters);
 }
-- cgit v1.2.3
From ee0cb68f5ed91f30b5ab4c43d13433197b4fcb24 Mon Sep 17 00:00:00 2001
From: Frank Karlitschek
Date: Fri, 27 Apr 2012 01:18:21 +0200
Subject: some csrf fixes. needs testing
---
 lib/base.php | 10 ++++++++++
 1 file changed, 10 insertions(+)
(limited to 'lib')
diff --git a/lib/base.php b/lib/base.php
index 5c42000b9e1..a30f4e38c78 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -325,6 +325,16 @@ class OC{
 self::checkInstalled();
 self::checkSSL();
+ // CSRF protection
+ if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
+ if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://';
+ $server=$protocol.$_SERVER['SERVER_NAME'];
+ if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
+ $url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php';
+ header("Location: $url");
+ exit();
+ }
+
 self::initSession();
 self::initTemplateEngine();
 self::checkUpgrade();
-- cgit v1.2.3
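Review bot: The anti-CSRF token on the `$sectoken=rand(1000000,9999999);` line comes from `rand()`, which is not a cryptographic generator and here yields only about nine million distinct values, so an attacker who can observe or predict the PRNG state can forge the token this commit introduces. Generate it from a CSPRNG instead, e.g. `$sectoken=bin2hex(openssl_random_pseudo_bytes(16));` (with a `/dev/urandom` read as fallback where the OpenSSL extension is missing), and treat the value as an opaque string rather than an integer. Writing `$_SESSION['sectoken']` here presumes the session has already been started by the caller, which the hunk does not show, and the code that validates the submitted token is outside this diff and should use a constant-time comparison. The enclosing method begins outside the hunk.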
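Review bot: The origin check on the `if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server))` line is a bare prefix comparison, so a Referer like `http://<server-name>.attacker.example/` or `http://<server-name>evil/` is accepted because nothing requires a `/`, `:` or end of string after the host. Compare the parsed host instead, `$refHost=(string)parse_url($referer, PHP_URL_HOST);` followed by `if($_SERVER['REQUEST_METHOD']=='POST' and strcasecmp($refHost, $_SERVER['SERVER_NAME'])!==0) {`, which also removes the dependency on the scheme guess. That guess is fragile on its own: `$_SERVER['HTTPS']<>''` treats a value of `off` (which some servers set) as TLS, and behind a TLS-terminating proxy the request is seen as plain HTTP while the Referer says `https://`, so every legitimate POST would be redirected to the login page. Referer is also absent for clients and privacy tools that suppress it, so the silent redirect should be accompanied by the session-token check rather than stand as the only CSRF defense. The enclosing method starts and ends outside the hunk.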