Add CSRF ( and open redirect) protection

b48a6abb · Peter Rotich · d16d8c18 · b48a6abb · b48a6abb
Commit b48a6abb authored 12 years ago by Peter Rotich
--- a/l.php
+++ b/l.php
@@ -14,8 +14,9 @@
    vim: expandtab sw=4 ts=4 sts=4:
 **********************************************************************/
 require 'secure.inc.php';
-$url = trim($_GET['url']);
-if (!$url || !Validator::is_url($url)) exit('Invalid url');
+//Basic url validation + token check.
+if (!($url=trim($_GET['url'])) || !Validator::is_url($url) || !$ost->validateLinkToken($_GET['auth']))
+    exit('Invalid url');
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>

--- a/scp/l.php
+++ b/scp/l.php
@@ -14,8 +14,9 @@
    vim: expandtab sw=4 ts=4 sts=4:
 **********************************************************************/
 require_once 'staff.inc.php';
-$url = trim($_GET['url']);
-if (!$url || !Validator::is_url($url)) exit('Invalid url');
+//Basic url validation + token check.
+if (!($url=trim($_GET['url'])) || !Validator::is_url($url) || !$ost->validateLinkToken($_GET['auth']))
+    exit('Invalid url');
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>