author | diosmosis <diosmosis@users.noreply.github.com> | 2019-02-12 02:56:31 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-02-12 02:56:31 +0300 |
commit | 92fa86c7b252e2469227b7d1e7f553f297c66898 (patch) | |
tree | c1111910d378847dec8f42eaf11ee40e70dc8efd /plugins/Login | |
parent | 8e9942ff0729bea84fe52a83db076410500bba14 (diff) |
POST to login plugin in login form (#14081)
* Instead of using referrer URL, use redirect post param so we can post to Login module.
* Use actual login plugin name.
* Remove sanitization for form_redirect POST value.
* Couple more checks for a safer redirect.
* Do not include port in host check.
* Make sure hosts are not empty for more security.
Diffstat (limited to 'plugins/Login')
-rw-r--r-- | plugins/Login/Controller.php | 19 | ||||
-rw-r--r-- | plugins/Login/FormLogin.php | 3 | ||||
-rw-r--r-- | plugins/Login/javascripts/login.js | 3 | ||||
-rw-r--r-- | plugins/Login/templates/login.twig | 1 |
4 files changed, 19 insertions, 7 deletions
diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php
index 1f2fa7d68d..18c66c62e1 100644
--- a/plugins/Login/Controller.php
+++ b/plugins/Login/Controller.php
@@ -21,6 +21,7 @@ use Piwik\Plugins\UsersManager\Model AS UsersModel;
 use Piwik\QuickForm2;
 use Piwik\Session;
 use Piwik\Url;
+use Piwik\UrlHelper;
 use Piwik\View;
 
 /**
@@ -126,7 +127,6 @@ class Controller extends \Piwik\Plugin\ControllerAdmin
 function login($messageNoAccess = null, $infoMessage = false)
 {
 $form = new FormLogin();
- $form->removeAttribute('action'); // remove action attribute, otherwise hash part will be lost
 if ($form->validate()) {
 $nonce = $form->getSubmitValue('form_nonce');
 if (Nonce::verifyNonce('Login.login', $nonce)) {
@@ -303,14 +303,19 @@ class Controller extends \Piwik\Plugin\ControllerAdmin
 $this->passwordResetter->removePasswordResetInfo($login);
 if (empty($urlToRedirect)) {
- $referrer = Url::getReferrer();
- $module = Common::getRequestVar('module', '', 'string');
+ $redirect = Common::unsanitizeInputValue(Common::getRequestVar('form_redirect', false));
+ $redirectParams = UrlHelper::getArrayFromQueryString(UrlHelper::getQueryFromUrl($redirect));
+ $module = Common::getRequestVar('module', '', 'string', $redirectParams);
 // when module is login, we redirect to home...
- if ($module !== 'Login' && $module !== Piwik::getLoginPluginName() && $referrer) {
- $host = Url::getHostFromUrl($referrer);
+ if (!empty($module) && $module !== 'Login' && $module !== Piwik::getLoginPluginName() && $redirect) {
+ $host = Url::getHostFromUrl($redirect);
+ $currentHost = Url::getHost();
+ $currentHost = explode(':', $currentHost, 2)[0];
+
 // we only redirect to a trusted host
- if ($host && Url::isValidHost($host)) {
- $urlToRedirect = $referrer;
+ if (!empty($host) && !empty($currentHost) && $host == $currentHost && Url::isValidHost($host)
+ ) {
+ $urlToRedirect = $redirect;
 }
 }
 }
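Review bot: The removed line carried the only explanation of why the login form's `action` was special ("otherwise hash part will be lost"), and nothing in `login()` now says how the originating URL, fragment included, survives a POST to `?module=Login`. A short comment at `$form = new FormLogin();` would keep that knowledge, e.g. `// FormLogin posts to the Login module; the page the user came from (incl. its hash) is carried in the hidden form_redirect field that login.js fills in`. `login()` continues past the end of the hunk.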
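Review bot: The new trusted-host condition compares hosts only, so a `form_redirect` of `http://<same host>/...` submitted during an HTTPS session passes the check and the post-login redirect downgrades the scheme; now that `$redirect` is an arbitrary POST value rather than the referrer, the `if` should also constrain the scheme, e.g. `$scheme = parse_url($redirect, PHP_URL_SCHEME);` plus `&& in_array($scheme, ['http', 'https'], true)` in the condition, ideally requiring it to equal the scheme of the current request. `$host == $currentHost` is a loose comparison; `===` is the safer spelling for two strings. `UrlHelper::getQueryFromUrl($redirect)` runs before the `&& $redirect` guard, so when `form_redirect` is absent it receives the `false` default — presumably it tolerates that, but confirm. The enclosing method begins before this hunk.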
diff --git a/plugins/Login/FormLogin.php b/plugins/Login/FormLogin.php
index 16213ab56b..934c12952c 100644
--- a/plugins/Login/FormLogin.php
+++ b/plugins/Login/FormLogin.php
@@ -19,6 +19,7 @@ class FormLogin extends QuickForm2
 {
 function __construct($id = 'login_form', $method = 'post', $attributes = null, $trackSubmit = false)
 {
+ $attributes = array_merge($attributes ?: [], [ 'action' => '?module=' . Piwik::getLoginPluginName() ]);
 parent::__construct($id, $method, $attributes, $trackSubmit);
 }
@@ -30,6 +31,8 @@ class FormLogin extends QuickForm2
 $this->addElement('password', 'form_password')
 ->addRule('required', Piwik::translate('General_Required', Piwik::translate('General_Password')));
+ $this->addElement('hidden', 'form_redirect');
+
 $this->addElement('hidden', 'form_nonce');
 $this->addElement('checkbox', 'form_rememberme');
diff --git a/plugins/Login/javascripts/login.js b/plugins/Login/javascripts/login.js
index 981f02b643..a2d5c2f482 100644
--- a/plugins/Login/javascripts/login.js
+++ b/plugins/Login/javascripts/login.js
@@ -39,6 +39,9 @@
 });
 };
+ // set login form redirect url
+ $('#login_form_redirect').val(window.location.href);
+
 // 'lost your password?' on click
 $('#login_form_nav').click(function (e) {
 e.preventDefault();
diff --git a/plugins/Login/templates/login.twig b/plugins/Login/templates/login.twig
index 875d5e6818..a3bf51fd46 100644
--- a/plugins/Login/templates/login.twig
+++ b/plugins/Login/templates/login.twig
@@ -35,6 +35,7 @@
 <div class="row">
 <div class="col s12 input-field">
 <input type="hidden" name="form_nonce" id="login_form_nonce" value="{{ nonce }}"/>
+ <input type="hidden" name="form_redirect" id="login_form_redirect" value=""/>
 <input type="password" placeholder="" name="form_password" id="login_form_password" class="input" value="" size="20" autocorrect="off" autocapitalize="none" tabindex="20" />
|
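Review bot: `array_merge($attributes ?: [], ...)` in the FormLogin constructor assumes `$attributes` is an array or empty, but the QuickForm2 base constructor it is forwarded to also accepts attributes given as a string (verify against the bundled HTML_QuickForm2 version); a caller passing a string would now get a TypeError from `array_merge` instead of a working form. Normalising first, `$attributes = is_array($attributes) ? $attributes : [];`, or parsing a string into an array before the merge, keeps existing call sites working. The merge also silently overrides any caller-supplied `action`, which looks intentional given the commit message but deserves a comment, e.g. `// always post to the Login module; the page the user came from travels in the hidden form_redirect field`. The constructor lies fully inside the hunk.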