kareila ([personal profile] kareila) wrote in [site community profile] changelog2009-08-13 11:38 pm

[dw-free] Update direct referer checks to use check_referer instead

[commit: http://hg.dwscoalition.org/dw-free/rev/48a8800d5eec]

http://bugs.dwscoalition.org/show_bug.cgi?id=1557

Replace regexp referer checks with the check_referer function.

Patch by [personal profile] draigwen.

Files modified:
  • htdocs/interests.bml
  • htdocs/login.bml
  • htdocs/logout.bml
--------------------------------------------------------------------------------
diff -r efa4d53fc342 -r 48a8800d5eec htdocs/interests.bml
--- a/htdocs/interests.bml	Wed Aug 12 01:27:16 2009 -0500
+++ b/htdocs/interests.bml	Thu Aug 13 18:38:11 2009 -0500
@@ -84,7 +84,7 @@ body<=
 
         my $dbr = LJ::get_db_reader();
 
-        unless ($did_post || BML::get_client_header('Referer') =~ /^\Q$LJ::SITEROOT\E\/interests\?/)
+        unless ( $did_post || LJ::check_referer('/interests.bml') )
         {
             my ($int) = $dbr->selectrow_array("SELECT interest FROM interests WHERE intid=?", undef, $intid);
             LJ::text_out(\$int);
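Review bot: The replaced check at line 26 matched the referer against `^\Q$LJ::SITEROOT\E/interests?` — anchored to the site root and to a path without the `.bml` suffix — while the new call passes `'/interests.bml'`; whether LJ::check_referer normalizes the extension and keeps the anchoring is not visible in this hunk, so it should be confirmed against the helper's definition before this hunk is taken as equivalent. If it matches the literal path, this branch would stop recognizing referers of the form `$LJ::SITEROOT/interests?...` and always fall through to the DB lookup. A short comment on the new line, `# check_referer normalizes the .bml suffix; see LJ::check_referer`, would record that assumption once verified. The enclosing `unless` block and its surrounding code continue outside the hunk.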
diff -r efa4d53fc342 -r 48a8800d5eec htdocs/login.bml
--- a/htdocs/login.bml	Wed Aug 12 01:27:16 2009 -0500
+++ b/htdocs/login.bml	Thu Aug 13 18:38:11 2009 -0500
@@ -354,11 +354,11 @@
             return if $want_success_redirect->();
 
             my $referer = BML::get_client_header('Referer');
-            if ($POST{'ref'} =~ /\Q$LJ::DOMAIN\E/ && $POST{'ref'} !~ m!/logout\.bml$! &&
-                $POST{'ref'} !~ /[\n\r]/)
-            {
+            if ( $POST{'ref'} =~ /\Q$LJ::DOMAIN\E/ &&                   # page on our site
+                 ! LJ::check_referer( '/logout.bml', $POST{'ref'} ) &&  # but not the logout page
+                 $POST{'ref'} !~ /[\n\r]/ ) {                           # and no newline spoofing
                 return BML::redirect("$POST{'ref'}");
-            } elsif ($GET{'ret'} == 1 && $referer && $referer =~ /\Q$LJ::DOMAIN\E/) {
+            } elsif ( $GET{'ret'} == 1 && LJ::check_referer() ) {
                 my $uniq = BML::get_request()->notes->{uniq};
                 if ($uniq) {
                     LJ::MemCache::set("loginout:$uniq", 1, time() + 15);
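Review bot: The first condition at line 41, `$POST{'ref'} =~ /\Q$LJ::DOMAIN\E/`, is an unanchored substring match on a user-supplied redirect target, so any URL that merely contains the domain string in its path or query satisfies it and is then passed straight to `BML::redirect` at line 44; the commit rewrites this `if` but leaves that match as is. Anchoring the check to the scheme and host, e.g. `$POST{'ref'} =~ m{\Ahttps?://(?:[\w-]+\.)*\Q$LJ::DOMAIN\E(?:[/:?#]|\z)}i &&`, would restrict the redirect to the site's own hosts, and the trailing comment could read `# same-site target only (anchored: scheme + host)`. The `$referer` assigned at line 37 is no longer used anywhere in the hunk after line 46 switched to `LJ::check_referer()`; if nothing below the hunk reads it, the assignment should go too. The enclosing code block starts and ends outside the hunk.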
diff -r efa4d53fc342 -r 48a8800d5eec htdocs/logout.bml
--- a/htdocs/logout.bml	Wed Aug 12 01:27:16 2009 -0500
+++ b/htdocs/logout.bml	Thu Aug 13 18:38:11 2009 -0500
@@ -48,13 +48,10 @@
             $u->logout;
 
             # Redirect within the site if ret=1
-            my $referer = BML::get_client_header('Referer');
-            if ($GET{'ret'} == 1 && $referer && $referer =~ /\Q$LJ::DOMAIN\E/) {
+            if ( $GET{'ret'} == 1 && LJ::check_referer() ) {
                 my $uniq = DW::Request->get->note('uniq');
-                if ($uniq) {
-                    LJ::MemCache::set("loginout:$uniq", 1, time() + 15);
-                }
-                return BML::redirect("$referer");
+                LJ::MemCache::set( "loginout:$uniq", 1, time() + 15 ) if $uniq;
+                return BML::redirect( BML::get_client_header('Referer') );
             }
 
             # Redirect to offsite uri if allowed.
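Review bot: The new redirect at line 66 hands the raw `Referer` header to `BML::redirect`, relying entirely on `LJ::check_referer()` at line 59, whose validation is not visible here; the login.bml hunk in this same commit additionally rejects a redirect target containing CR or LF, so the two call sites are no longer guarded alike. If check_referer only validates the host, reading the header once into a variable and applying the same `!~ /[\n\r]/` test before the redirect would keep both pages consistent, and a comment such as `# check_referer() has already confirmed the Referer is on-site` would make the reliance explicit. The enclosing block continues outside the hunk.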
--------------------------------------------------------------------------------
