author | Dhananjay <dhananjaynakrani@gmail.com> | 2014-02-07 08:12:18 +0400 |
---|---|---|
committer | Dhananjay <dhananjaynakrani@gmail.com> | 2014-02-07 10:26:46 +0400 |
commit | 0a18d86059d2dac273df05ef6abc609db51b2919 (patch) | |
tree | 9a3402985008baaeacf0cd99b2978db24cbd8aba /url.php | |
parent | 723bd668b683e35d9c99c699e8eb0c40c79fe93b (diff) |
Fix for bug#4237.
Signed-off-by: Dhananjay <dhananjaynakrani@gmail.com>
Diffstat (limited to 'url.php')
-rw-r--r-- | url.php | 17 |
1 files changed, 16 insertions, 1 deletions
@@ -17,7 +17,22 @@ if (! PMA_isValid($_GET['url']) ) {
 header('Location: ' . $cfg['PmaAbsoluteUri']);
 } else {
- header('Location: ' . $_GET['url']);
+ // header('Location: ' . $_GET['url']);
+
+ // domain whitelist check
+ if (PMA_isAllowedDomain($_GET['url'])) {
+ // JavaScript redirection is necessary. Because if header() is used then web browser sometimes does not change the HTTP_REFERER field and so with old URL as Referer, token also goes to external site.
+ echo "<script type='text/javascript'>
+ window.onload=function(){
+ window.location='".$_GET['url']."';
+ }
+ </script>";
+ echo 'Taking you to '.($_GET['url']); // Display redirecting msg on screen.
+ }
+ else
+ {
+ header('Location: ' . $cfg['PmaAbsoluteUri']);
+ }
 }
 die();
 ?>
|
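Review bot: The new redirect path writes `$_GET['url']` unescaped into a JavaScript string literal (`window.location='".$_GET['url']."';`) and again into the HTML body (`echo 'Taking you to '.($_GET['url']);`), so the target URL controls both the script and the markup context. PMA_isAllowedDomain is not on this page; unless it also rejects quotes, newlines and `</script>` anywhere in the URL rather than only checking the host, a URL on a whitelisted domain can still terminate the string or the script block, which would turn the referer-leak fix into a reflected script-injection point. Encode per context: `window.location=" . json_encode($_GET['url'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ";` inside the script, and `echo 'Taking you to ' . htmlspecialchars($_GET['url'], ENT_QUOTES, 'UTF-8');` for the message. The commented-out `header()` call on the first added line should be deleted rather than kept; the comment above the echo already records why it was replaced.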