authorRenato Botelho <renato@netgate.com>2017-04-10 15:04:40 -0300
committerRenato Botelho <renato@netgate.com>2017-04-10 15:07:40 -0300
commitf860a1ea8e836dd75f2a4012c1a773a4c75fc4ab (patch)
tree0b603c83c4d8da96a79d6efe5691e2862e4ae274 /src/usr/local/www
parent98ba645aebfe113f3265176ef24ef0e05dc3b3f4 (diff)
downloadpfsense-f860a1ea8e836dd75f2a4012c1a773a4c75fc4ab.zip
pfsense-f860a1ea8e836dd75f2a4012c1a773a4c75fc4ab.tar.gz
Update CSRF to latest version from github
Diffstat (limited to 'src/usr/local/www')
-rw-r--r--src/usr/local/www/csrf/csrf-magic.js16
-rw-r--r--src/usr/local/www/csrf/csrf-magic.php8
2 files changed, 14 insertions, 10 deletions
diff --git a/src/usr/local/www/csrf/csrf-magic.js b/src/usr/local/www/csrf/csrf-magic.js
index a889773..0989c10 100644
--- a/src/usr/local/www/csrf/csrf-magic.js
+++ b/src/usr/local/www/csrf/csrf-magic.js
@@ -40,13 +40,11 @@ CsrfMagic.prototype = {
send: function(data) {
if (!this.csrf_isPost) return this.csrf_send(data);
prepend = csrfMagicName + '=' + csrfMagicToken + '&';
-
- // Removed to eliminate 'Refused to set unsafe header "Content-length" ' errors in modern browsers
- // if (this.csrf_purportedLength === undefined) {
- // this.csrf_setRequestHeader("Content-length", this.csrf_purportedLength + prepend.length);
- // delete this.csrf_purportedLength;
- // }
-
+ // XXX: Removed to eliminate 'Refused to set unsafe header "Content-length" ' errors in modern browsers
+ // if (this.csrf_purportedLength === undefined) {
+ // this.csrf_setRequestHeader("Content-length", this.csrf_purportedLength + prepend.length);
+ // delete this.csrf_purportedLength;
+ // }
delete this.csrf_isPost;
return this.csrf_send(prepend + data);
},
@@ -89,6 +87,10 @@ CsrfMagic.prototype._updateProps = function() {
}
}
CsrfMagic.process = function(base) {
+ if(typeof base == 'object') {
+ base[csrfMagicName] = csrfMagicToken;
+ return base;
+ }
var prepend = csrfMagicName + '=' + csrfMagicToken;
if (base) return prepend + '&' + base;
return prepend;
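Review bot: The added guard `typeof base == 'object'` is also true for `null`, so `CsrfMagic.process(null)` now throws a TypeError on the property assignment where the old code fell through to the falsy branch and returned the bare token string; an array passes the check as well and gets a named property set on it instead of the query-string form. A stricter test keeps the previous behaviour for those inputs: `if (base !== null && typeof base === 'object') {`. The branch also writes the token into the caller's own object and returns that same object rather than a copy, which looks intended so the token lands in the request body, but deserves a one-line comment saying so. The closing brace of CsrfMagic.process is outside the hunk.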
diff --git a/src/usr/local/www/csrf/csrf-magic.php b/src/usr/local/www/csrf/csrf-magic.php
index 58f4eba..65db19f 100644
--- a/src/usr/local/www/csrf/csrf-magic.php
+++ b/src/usr/local/www/csrf/csrf-magic.php
@@ -217,7 +217,8 @@ function csrf_get_tokens() {
$secret = csrf_get_secret();
if (!$has_cookies && $secret) {
// :TODO: Harden this against proxy-spoofing attacks
- $ip = ';ip:' . csrf_hash($_SERVER['IP_ADDRESS']);
+ $IP_ADDRESS = (isset($_SERVER['IP_ADDRESS']) ? $_SERVER['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']);
+ $ip = ';ip:' . csrf_hash($IP_ADDRESS);
} else {
$ip = '';
}
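Review bot: The fallback expression `isset($_SERVER['IP_ADDRESS']) ? $_SERVER['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']` added here is repeated verbatim in the csrf_check_token hunk below, and the two must stay identical or cookieless tokens will silently stop validating, so it belongs in one helper, e.g. `function csrf_get_client_ip() { return isset($_SERVER['IP_ADDRESS']) ? $_SERVER['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']; }` called from both places. The fallback still indexes `$_SERVER['REMOTE_ADDR']` unconditionally, which is absent under the CLI SAPI and would reproduce the undefined-index notice the change is avoiding; `IP_ADDRESS` is not a key PHP populates itself, so unless the web server sets it the REMOTE_ADDR branch is presumably the one normally taken. That bears on the existing :TODO: on the line above: behind a reverse proxy REMOTE_ADDR is the proxy's address, so in this mode the token is bound to the proxy rather than the end client. csrf_get_tokens begins and ends outside the hunk.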
@@ -327,7 +328,8 @@ function csrf_check_token($token) {
if ($GLOBALS['csrf']['user'] !== false) return false;
if (!empty($_COOKIE)) return false;
if (!$GLOBALS['csrf']['allow-ip']) return false;
- return $value === csrf_hash($_SERVER['IP_ADDRESS'], $time);
+ $IP_ADDRESS = (isset($_SERVER['IP_ADDRESS']) ? $_SERVER['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']);
+ return $value === csrf_hash($IP_ADDRESS, $time);
}
return false;
}
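Review bot: The new `return $value === csrf_hash($IP_ADDRESS, $time);` compares a client-supplied token against the expected hash with `===`, whose byte-by-byte string comparison exits on the first mismatch and is therefore not constant-time; `hash_equals()` (PHP 5.6+) is the standard replacement, `return hash_equals(csrf_hash($IP_ADDRESS, $time), $value);`. hash_equals requires both arguments to be strings, which the derivation of `$value` above the hunk presumably guarantees but should be confirmed. csrf_check_token begins outside the hunk.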
@@ -379,7 +381,7 @@ function csrf_get_secret() {
*/
function csrf_generate_secret($len = 32) {
$r = '';
- for ($i = 0; $i < 32; $i++) {
+ for ($i = 0; $i < $len; $i++) {
$r .= chr(mt_rand(0, 255));
}
$r .= time() . microtime();
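Review bot: The loop now honours `$len`, but each byte still comes from `mt_rand(0, 255)`, a non-cryptographic PRNG, so the fix yields a longer secret rather than a stronger one; on PHP 7 the whole loop reduces to `$r = random_bytes($len);` (or `openssl_random_pseudo_bytes($len)` on 5.x), which is the appropriate source for a CSRF secret. `$len` is also used unvalidated, so a non-positive or non-integer value produces an empty or truncated secret with no error; a guard such as `$len = max(1, (int)$len);` before the loop is cheap. csrf_generate_secret continues past the hunk, so the time()/microtime() suffix and the return are not visible here.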