Global: Fix CSRF vulnerabilities in /logout and language change
Closes #281
This commit is contained in:
parent
735e75fa21
commit
98f8819c17
4 changed files with 4 additions and 2 deletions
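--- a/PATH_NOT_SHOWN/AboutPresenter.php
+++ b/PATH_NOT_SHOWN/AboutPresenter.php
@@ -63,6 +63,7 @@ final class AboutPresenter extends OpenVKPresenter
 $this->template->languages = getLanguages();
 
 if(!is_null($_GET['lg'])){
+$this->assertNoCSRF();
 setLanguage($_GET['lg']);
 }
 }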
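Review bot: `$_GET['lg']` is still read with `!is_null($_GET['lg'])` on the line before the new `assertNoCSRF()` call, so a request without `lg` raises an undefined-index notice before the null test ever runs; `if(isset($_GET['lg'])){` covers both the missing and the null case. The CSRF check is correctly placed ahead of `setLanguage()`, but nothing in the hunk shows the supplied code being matched against the `getLanguages()` list, so whether `setLanguage()` rejects unknown codes needs confirming. The enclosing method starts outside the hunk.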
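--- a/PATH_NOT_SHOWN/AuthPresenter.php
+++ b/PATH_NOT_SHOWN/AuthPresenter.php
@@ -182,6 +182,7 @@ final class AuthPresenter extends OpenVKPresenter
 function renderLogout(): void
 {
 $this->assertUserLoggedIn();
+$this->assertNoCSRF();
 $this->authenticator->logout();
 Session::i()->set("_su", NULL);
 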
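Review bot: `assertNoCSRF()` is placed after `assertUserLoggedIn()` and before `logout()`, which is the right order, but `renderLogout` still performs the state change on a GET request, so the protection now rests entirely on the `hash` query parameter being unguessable and not leaking. Because the token travels in a URL (see the `/logout?hash=` link in the next section), it can end up in browser history and in proxy or server access logs; a `<form method="post">` carrying the token in the body would keep it out of those places. How `assertNoCSRF()` obtains the token is not visible here, so whether it already accepts a POST field is worth confirming. `renderLogout` continues past the hunk.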
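--- a/PATH_NOT_SHOWN/header-template
+++ b/PATH_NOT_SHOWN/header-template
@@ -108,7 +108,7 @@
 </a>
 </div>
 <div class="link">
-<a href="/logout">{_"header_log_out"}</a>
+<a href="/logout?hash={urlencode($csrfToken)}">{_"header_log_out"}</a>
 </div>
 <div class="link">
 <form action="/search" method="get">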
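Review bot: The rewritten `/logout?hash=` link embeds the CSRF token in an `href`, so the token is emitted into every page that renders this header and lands in browser history and request logs whenever the link is followed; if the token is long-lived, that widens its exposure compared to a hidden form field. The same applies to the language links in the next section. The hunk does not show where `$csrfToken` is assigned for this template; if it is unset here, `urlencode($csrfToken)` yields an empty `hash` and every logout attempt would fail the check rather than the render, which is worth a quick check. A `<form action="/logout" method="post">` with `<input type="hidden" name="hash" value="{$csrfToken}">` would avoid both issues, provided the presenter-side check accepts it.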
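--- a/PATH_NOT_SHOWN/language-template
+++ b/PATH_NOT_SHOWN/language-template
@@ -8,7 +8,7 @@
 {block content}
 <div class="navigation">
 {foreach $languages as $language}
-<a href="language?lg={$language['code']}" class="link"><img src="/assets/packages/static/openvk/img/flags/{$language['flag']}.gif"> {$language['native_name']}</a>
+<a href="language?lg={$language['code']}&hash={urlencode($csrfToken)}" class="link"><img src="/assets/packages/static/openvk/img/flags/{$language['flag']}.gif"> {$language['native_name']}</a>
 {/foreach}
 </div>
 {/block}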
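Review bot: The new `language?lg=...&hash=` link joins its two query parameters with a bare `&` inside an HTML attribute; the template engine escapes the `{...}` expressions but not literal template text, so `&amp;hash=` is the well-formed form (browsers tolerate the bare `&`, but it is a validator and tooling trap). As in the header template, `$csrfToken` is assumed to be in this template's scope, which the hunk does not show. The token being placed in a GET URL for a state-changing request is the same concern raised on the header template's logout link.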