Skip to content
Snippets Groups Projects
Commit 2e4dc237 authored by Jaime Pérez Crespo's avatar Jaime Pérez Crespo
Browse files

Add a wrapper function redirectTrustedURL() around redirect(), and deprecate the latter. 

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3325 44740490-163a-0410-bde0-09ae8108e29a
parent 2ebe52dc
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/SimpleSAML/Utilities.php
+ 80
53
View file @ 2e4dc237
...@@ -494,38 +494,35 @@ class SimpleSAML_Utilities { ...@@ -494,38 +494,35 @@ class SimpleSAML_Utilities {
} }
/* This function redirects the user to the specified address. /**
* An optional set of query parameters can be appended by passing * This function redirects the user to the specified address.
* them in an array.
* *
* This function will use the HTTP 303 See Other redirect if the * This function will use the "HTTP 303 See Other" redirection if the
* current request is a POST request and the HTTP version is HTTP/1.1. * current request used the POST method and the HTTP version is 1.1.
* Otherwise a HTTP 302 Found redirect will be used. * Otherwise, a "HTTP 302 Found" redirection will be used.
* *
* The fuction will also generate a simple web page with a clickable * The fuction will also generate a simple web page with a clickable
* link to the target page. * link to the target page.
* *
* Parameters: * @param string $url The URL we should redirect to. This URL may include
* $url URL we should redirect to. This URL may include * query parameters. If this URL is a relative URL (starting with '/'),
* query parameters. If this URL is a relative URL * then it will be turned into an absolute URL by prefixing it with the
* (starting with '/'), then it will be turned into an * absolute URL to the root of the website.
* absolute URL by prefixing it with the absolute URL * @param string[] $parameters An array with extra query string parameters
* to the root of the website. * which should be appended to the URL. The name of the parameter is the
* $parameters Array with extra query string parameters which should * array index. The value of the parameter is the value stored in the index.
* be appended to the URL. The name of the parameter is * Both the name and the value will be urlencoded. If the value is NULL,
* the array index. The value of the parameter is the * then the parameter will be encoded as just the name, without a value.
* value stored in the index. Both the name and the value * @param string[] $allowed_redirect_hosts An array with a whitelist of
* will be urlencoded. If the value is NULL, then the * hosts for which redirects are allowed. If NULL, redirections will be
* parameter will be encoded as just the name, without a * allowed to any host. Otherwise, the host of the $url provided must be
* value. * present in this parameter. If the host is not whitelisted, an exception
* $allowed_redirect_hosts * will be thrown.
* Array whitelist of hosts that redirects are allowed for. *
* If NULL value, redirect will be allowed to any host. * @return void This function never returns.
* Otherwise, $url host must be present in Array for redirect. * @deprecated 1.12.0 This function will be removed from the API. Use
* If the host is not present, an exception will be thrown. * accordingly the redirectTrustedURL or redirectUntrustedURL functions
* * instead.
* Returns:
* This function never returns.
*/ */
public static function redirect($url, $parameters = array(), $allowed_redirect_hosts = NULL) { public static function redirect($url, $parameters = array(), $allowed_redirect_hosts = NULL) {
assert(is_string($url)); assert(is_string($url));
...@@ -541,19 +538,23 @@ class SimpleSAML_Utilities { ...@@ -541,19 +538,23 @@ class SimpleSAML_Utilities {
$url = self::selfURLhost() . $url; $url = self::selfURLhost() . $url;
} }
/* Verify that the URL is to a http or https site. */ /* Verify that the URL points to an http or https site. */
if (!preg_match('@^https?://@i', $url)) { if (!preg_match('@^https?://@i', $url)) {
throw new SimpleSAML_Error_Exception('Redirect to invalid URL: ' . $url); throw new SimpleSAML_Error_Exception('Redirect to invalid URL: ' . $url);
} }
/* Validates that URL host is among those allowed. */ /* Validates the URL's host is among those allowed. */
if ($allowed_redirect_hosts != NULL) { if ($allowed_redirect_hosts !== NULL) {
preg_match('@^https?://([^/]+)@i', $url, $matches); preg_match('@^https?://([^/]+)@i', $url, $matches);
$hostname = $matches[1]; $hostname = $matches[1];
/* Throw exception for redirect to untrusted site */ // add self host to the white list
$self_host = self::getSelfHost();
$allowed_redirect_hosts[] = $self_host;
/* Throw exception due to redirection to untrusted site */
if(!in_array($hostname, $allowed_redirect_hosts)) { if(!in_array($hostname, $allowed_redirect_hosts)) {
throw new SimpleSAML_Error_Exception('Redirect not to allowed redirect host: ' . $url); throw new SimpleSAML_Error_Exception('Redirection not to allowed to URL: ' . $url);
} }
} }
...@@ -606,7 +607,7 @@ class SimpleSAML_Utilities { ...@@ -606,7 +607,7 @@ class SimpleSAML_Utilities {
} }
if (strlen($url) > 2048) { if (strlen($url) > 2048) {
SimpleSAML_Logger::warning('Redirecting to URL longer than 2048 bytes.'); SimpleSAML_Logger::warning('Redirecting to an URL longer than 2048 bytes.');
} }
/* Set the location header. */ /* Set the location header. */
...@@ -639,25 +640,51 @@ class SimpleSAML_Utilities { ...@@ -639,25 +640,51 @@ class SimpleSAML_Utilities {
exit; exit;
} }
/* /**
* This function validates untrusted url has hostname against * This function redirects to the specified URL without performing
* config option 'redirect.trustedsites'. * any security checks. Please, do NOT use this function with user
* * supplied URLs.
* If option not set or hostname present among trusted sites,
* peforms redirect via function redirect above.
* *
* If site is not trusted, an exception will be thrown. * This function will use the "HTTP 303 See Other" redirection if the
* current request used the POST method and the HTTP version is 1.1.
* Otherwise, a "HTTP 302 Found" redirection will be used.
* *
* See function redirect for details on url, parameters and return. * The fuction will also generate a simple web page with a clickable
* link to the target URL.
*
* @param string $url The URL we should redirect to. This URL may include
* query parameters. If this URL is a relative URL (starting with '/'),
* then it will be turned into an absolute URL by prefixing it with the
* absolute URL to the root of the website.
* @param string[] $parameters An array with extra query string parameters
* which should be appended to the URL. The name of the parameter is the
* array index. The value of the parameter is the value stored in the index.
* Both the name and the value will be urlencoded. If the value is NULL,
* then the parameter will be encoded as just the name, without a value.
*
* @return void This function never returns.
*/
public static function redirectTrustedURL($url, $parameters = array()) {
self::redirect($url, $parameters);
}
/**
* This function redirects to the specified URL after performing the
* appropriate security checks on it. Particularly, it will make sure
* that the provided URL is allowed by the 'redirect.trustedsites'
* directive in the configuration.
*
* If the aforementioned option is not set or the URL does corresponds
* to a trusted site, it performs a redirection to it. If the site is
* not trusted, an exception will be thrown.
*
* See the redirectTrustedURL function for more details.
*
* @return void This function never returns.
*/ */
public static function redirectUntrustedURL($url, $parameters = array()) { public static function redirectUntrustedURL($url, $parameters = array()) {
$redirectTrustedSites = SimpleSAML_Configuration::getInstance()->getArray('redirect.trustedsites', NULL); $trustedSites = SimpleSAML_Configuration::getInstance()->getArray('redirect.trustedsites', NULL);
try { self::redirect($url, $parameters, $trustedSites);
self::redirect($url, $parameters, $redirectTrustedSites);
}
catch (SimpleSAML_Error_Exception $e) {
throw new SimpleSAML_Error_Exception('Site not in redirect.trusted sites: ' . $url);
}
} }
/** /**
...@@ -1120,7 +1147,7 @@ class SimpleSAML_Utilities { ...@@ -1120,7 +1147,7 @@ class SimpleSAML_Utilities {
*/ */
public static function resolveURL($url, $base = NULL) { public static function resolveURL($url, $base = NULL) {
if($base === NULL) { if($base === NULL) {
$base = SimpleSAML_Utilities::getBaseURL(); $base = self::getBaseURL();
} }
...@@ -1635,7 +1662,7 @@ class SimpleSAML_Utilities { ...@@ -1635,7 +1662,7 @@ class SimpleSAML_Utilities {
return; return;
} }
$returnTo = SimpleSAML_Utilities::selfURL(); $returnTo = self::selfURL();
/* Not authenticated as admin user. Start authentication. */ /* Not authenticated as admin user. Start authentication. */
...@@ -1646,7 +1673,7 @@ class SimpleSAML_Utilities { ...@@ -1646,7 +1673,7 @@ class SimpleSAML_Utilities {
/* For backwards-compatibility. */ /* For backwards-compatibility. */
$config = SimpleSAML_Configuration::getInstance(); $config = SimpleSAML_Configuration::getInstance();
SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php', self::redirectTrustedURL('/' . $config->getBaseURL() . 'auth/login-admin.php',
array('RelayState' => $returnTo) array('RelayState' => $returnTo)
); );
} }
...@@ -2092,9 +2119,9 @@ class SimpleSAML_Utilities { ...@@ -2092,9 +2119,9 @@ class SimpleSAML_Utilities {
$url = SimpleSAML_Module::getModuleURL('core/no_cookie.php'); $url = SimpleSAML_Module::getModuleURL('core/no_cookie.php');
if ($retryURL !== NULL) { if ($retryURL !== NULL) {
$url = SimpleSAML_Utilities::addURLParameter($url, array('retryURL' => $retryURL)); $url = self::addURLParameter($url, array('retryURL' => $retryURL));
} }
SimpleSAML_Utilities::redirect($url); self::redirectTrustedURL($url);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment