harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

extra_query_args() restricted to $_GET only. $_REQUEST was adding cookies and this is undesired and potentially a security issue.

Browse Source
This commit is contained in:
friendica 2014-09-06 03:11:07 -07:00
parent b9f221637b
commit 8cbeeb09da
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
include/text.php
View File

@ -2033,13 +2033,14 @@ function normalise_openid($s) {
return trim(str_replace(array('http://','https://'),array('',''),$s),'/'); return trim(str_replace(array('http://','https://'),array('',''),$s),'/');
} }
// used in ajax endless scroll request to find out all the args that the master page was viewing // used in ajax endless scroll request to find out all the args that the master page was viewing.
// This was using $_REQUEST, but $_REQUEST also contains all your cookies. So we're restricting it
// to $_GET. If this is used in a post handler, that decision may need to be considered.
function extra_query_args() { function extra_query_args() {
$s = ''; $s = '';
if(count($_REQUEST)) { if(count($_GET)) {
foreach($_REQUEST as $k => $v) { foreach($_GET as $k => $v) {
// these are request vars we don't want to duplicate // these are request vars we don't want to duplicate
if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) { if(! in_array($k, array('q','f','zid','page','PHPSESSID'))) {
$s .= '&' . $k . '=' . $v; $s .= '&' . $k . '=' . $v;