From 98f8819c170683348aeaf1ec032cfbf27a4d3c1f Mon Sep 17 00:00:00 2001
From: Maxim Leshchenko
Date: Sun, 5 Dec 2021 00:48:25 +0200
Subject: [PATCH] Global: Fix CSRF vulnerabilities in /logout and language change

Closes #281
---
 Web/Presenters/AboutPresenter.php | 1 +
 Web/Presenters/AuthPresenter.php | 1 +
 Web/Presenters/templates/@layout.xml | 2 +-
 Web/Presenters/templates/About/Language.xml | 2 +-
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/Web/Presenters/AboutPresenter.php b/Web/Presenters/AboutPresenter.php
index 7952c57f..4c7f916b 100644
--- a/Web/Presenters/AboutPresenter.php
+++ b/Web/Presenters/AboutPresenter.php
@@ -63,6 +63,7 @@ final class AboutPresenter extends OpenVKPresenter
 $this->template->languages = getLanguages();
 if(!is_null($_GET['lg'])){
+ $this->assertNoCSRF();
 setLanguage($_GET['lg']);
 }
 }
diff --git a/Web/Presenters/AuthPresenter.php b/Web/Presenters/AuthPresenter.php
index cc34f8d3..4e11f97e 100644
--- a/Web/Presenters/AuthPresenter.php
+++ b/Web/Presenters/AuthPresenter.php
@@ -182,6 +182,7 @@ final class AuthPresenter extends OpenVKPresenter
 function renderLogout(): void
 {
 $this->assertUserLoggedIn();
+ $this->assertNoCSRF();
 $this->authenticator->logout();
 Session::i()->set("_su", NULL);
diff --git a/Web/Presenters/templates/@layout.xml b/Web/Presenters/templates/@layout.xml
index a1cd39aa..987ba282 100644
--- a/Web/Presenters/templates/@layout.xml
+++ b/Web/Presenters/templates/@layout.xml
@@ -108,7 +108,7 @@
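Review bot: The guard on the context line `if(!is_null($_GET['lg']))` reads the key unconditionally, so a request without `lg` emits an "Undefined array key" warning before the new `assertNoCSRF()` call is ever reached; `if(isset($_GET['lg'])){` keeps the same semantics (isset is false for null) without the warning. The value handed to `setLanguage($_GET['lg'])` is still the raw query parameter; unless `setLanguage()` itself checks it against the known set from `getLanguages()` (not visible here), a membership check at this call site would keep an arbitrary string from being stored as the language, e.g. `if(isset($_GET['lg']) && in_array($_GET['lg'], array_column($this->template->languages, 'code'), true)){` if the language entries carry a code field — confirm the array shape. The enclosing method starts outside the hunk.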
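Review bot: `function renderLogout(): void` carries no visibility keyword and the neighbouring `Session::i()->set("_su", NULL)` uses uppercase `NULL`; PSR-12 wants `public function renderLogout(): void` and lowercase `null`, which also keeps the new line consistent with the rest of the presenter. Placing `assertNoCSRF()` after `assertUserLoggedIn()` is the right order, since a token check for an anonymous visitor is meaningless, and a one-line comment such as `// logout is reachable via GET; the token prevents a third-party page from forcing it` would record why a read-style route needs the check. If `$this->authenticator->logout()` does not already rotate or destroy the PHP session, the `_su` reset alone leaves the old session id usable; that behaviour is not visible in the hunk and is worth confirming. The method body continues past the end of the hunk.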