Merge pull request #25554 from nextcloud/fix/pslam/tainted_cookie
taint-escape the cookie input
commit
d42f9e65a2
|
@ -41,15 +41,29 @@ if (!is_array($files_list)) {
|
||||||
$files_list = [$files];
|
$files_list = [$files];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @psalm-taint-escape cookie
|
||||||
|
*/
|
||||||
|
function cleanCookieInput(string $value): string {
|
||||||
|
if (strlen($value) > 32) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
if (preg_match('!^[a-zA-Z0-9]+$!', $_GET['downloadStartSecret']) !== 1) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
|
return $value;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* this sets a cookie to be able to recognize the start of the download
|
* this sets a cookie to be able to recognize the start of the download
|
||||||
* the content must not be longer than 32 characters and must only contain
|
* the content must not be longer than 32 characters and must only contain
|
||||||
* alphanumeric characters
|
* alphanumeric characters
|
||||||
*/
|
*/
|
||||||
if (isset($_GET['downloadStartSecret'])
|
if (isset($_GET['downloadStartSecret'])) {
|
||||||
&& !isset($_GET['downloadStartSecret'][32])
|
$value = cleanCookieInput($_GET['downloadStartSecret']);
|
||||||
&& preg_match('!^[a-zA-Z0-9]+$!', $_GET['downloadStartSecret']) === 1) {
|
if ($value !== '') {
|
||||||
setcookie('ocDownloadStarted', $_GET['downloadStartSecret'], time() + 20, '/');
|
setcookie('ocDownloadStarted', $value, time() + 20, '/');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$server_params = [ 'head' => \OC::$server->getRequest()->getMethod() === 'HEAD' ];
|
$server_params = [ 'head' => \OC::$server->getRequest()->getMethod() === 'HEAD' ];
|
||||||
|
|
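Review bot: The regex check inside the new cleanCookieInput() validates the global `$_GET['downloadStartSecret']` instead of its own `$value` parameter, so the function only coincidentally sanitises what it returns; the line should read `if (preg_match('!^[a-zA-Z0-9]+$!', $value) !== 1) {`. With the current call site the two are the same string, but the `@psalm-taint-escape cookie` annotation tells the analyser that every return value of this function is safe, so any future caller passing a different value would get an unvalidated string that psalm treats as clean. A short docblock line above the function, `Returns $value unchanged only if it is 1–32 ASCII alphanumeric characters, otherwise ''`, would also make the contract explicit for future callers. The byte-wise strlen() is fine here because the regex restricts the accepted value to ASCII anyway.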