Merge tag '3.0.1' into develop
Fixed an open redirect vulnerability that could be used to construct a URL redirecting to an arbitrary domain
commit
bfaea0e381
3 changed files with 22 additions and 6 deletions
|
@ -37,6 +37,25 @@ class ViewFactory
|
|||
->withScheme('https');
|
||||
}
|
||||
|
||||
/**
|
||||
* @param Uri $uri
|
||||
* @return Uri
|
||||
*/
|
||||
private static function cleanBasePath(Uri $uri): Uri
|
||||
{
|
||||
$basePath = $uri->getBasePath();
|
||||
if (str_ends_with($basePath, 'index.php')) {
|
||||
/*
|
||||
* When the base path ends with index.php,
|
||||
* routing works correctly, but it breaks the URL of static assets using {base_url}.
|
||||
* So we alter the base path but only in the URI used by SmartyPlugins.
|
||||
*/
|
||||
$uri = $uri->withBasePath(dirname($basePath));
|
||||
}
|
||||
|
||||
return $uri;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create Smarty view object.
|
||||
*
|
||||
|
@ -76,6 +95,8 @@ class ViewFactory
|
|||
/** @var LocaleManager $localeManager */
|
||||
$localeManager = $container->get('locale');
|
||||
|
||||
$uri = self::cleanBasePath($uri);
|
||||
|
||||
$smartyPlugins = new SmartyPlugins($container->get('router'), $uri->withUserInfo(''));
|
||||
$view->registerPlugin('function', 'path_for', [$smartyPlugins, 'pathFor']);
|
||||
$view->registerPlugin('function', 'base_url', [$smartyPlugins, 'baseUrl']);
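Review bot: In `cleanBasePath()` (first hunk), `str_ends_with($basePath, 'index.php')` matches on trailing characters rather than on the final path segment, and the `dirname()` result is passed to `withBasePath()` without normalisation. `dirname()` returns `.` when the value has no directory part and can return `\` for `/index.php` on Windows, so the URI handed to `SmartyPlugins` for `{base_url}` may end up with an unexpected base path, depending on how `Uri` filters it. I would tighten the condition to `if (basename($basePath) === 'index.php') {` and map a `.` or `\` result to an empty base path before calling `withBasePath()`. The docblock also only repeats the signature; a summary line such as `Strip a trailing index.php from the base path so {base_url} resolves to the directory holding static assets.` would carry the intent that now sits in the inline comment. The body of `create()`, including where `$uri` originates, lies outside the second hunk.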
|
||||
|
|