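/**
 * Verify a nonce submitted by the client and, when the browser sent them,
 * check that the Referer and Origin headers point back at this installation.
 *
 * The Referer/Origin checks are skipped when the header is absent, because
 * browsers, proxies and privacy extensions may strip them; only a header that
 * is present AND mismatching is treated as a failure. A literal "null" Origin
 * (sent by browsers for opaque origins) is always rejected.
 *
 * @param string $id     Unique id (name of the session namespace holding the nonce)
 * @param string $cnonce Nonce value sent back by the client
 * @return bool true if valid; false otherwise
 */
static public function verifyNonce($id, $cnonce)
{
    $ns = new Piwik_Session_Namespace($id);
    $nonce = $ns->nonce;

    // validate token: neither side may be empty
    if (empty($cnonce) || empty($nonce)) {
        return false;
    }

    // Compare in constant time so a timing side channel cannot leak the
    // token byte by byte. hash_equals() only accepts strings (PHP 5.6+);
    // on older builds or non-string values fall back to strict equality.
    if (is_string($nonce) && is_string($cnonce) && function_exists('hash_equals')) {
        if (!hash_equals($nonce, $cnonce)) {
            return false;
        }
    } elseif ($cnonce !== $nonce) {
        return false;
    }

    // validate referer (only when one was sent)
    $referer = Piwik_Url::getReferer();
    if (!empty($referer) && !Piwik_Url::isLocalUrl($referer)) {
        return false;
    }

    // validate origin (only when one was sent); strict in_array so that a
    // loosely-comparable value (e.g. numeric-looking strings) cannot match
    $origin = self::getOrigin();
    if (!empty($origin)
        && ($origin === 'null' || !in_array($origin, self::getAcceptableOrigins(), true))) {
        return false;
    }

    return true;
}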
/**
 * Piwik_Url::isLocalUrl() must classify each data-provider URL as local or
 * foreign given the simulated server environment.
 *
 * @dataProvider getLocalUrls
 * @group Core
 * @group Url
 */
public function testIsLocalUrl($httphost, $scripturi, $requesturi, $testurl, $result)
{
    // simulate the request the server believes it is handling
    $serverVars = array(
        'HTTP_HOST'   => $httphost,
        'SCRIPT_URI'  => $scripturi,
        'REQUEST_URI' => $requesturi,
    );
    foreach ($serverVars as $name => $value) {
        $_SERVER[$name] = $value;
    }

    $this->assertEquals($result, Piwik_Url::isLocalUrl($testurl));
}
/**
 * Same as the plain isLocalUrl test, but with the simulated HTTP_HOST also
 * registered as a trusted host in the configuration, so the host check
 * exercised here is the configured allow-list rather than a bare header
 * comparison.
 *
 * @dataProvider getLocalUrls
 * @group Core
 * @group Url
 */
public function testIsLocalUrl($httphost, $scripturi, $requesturi, $testurl, $result)
{
    // the only trusted host is the one the request claims to target
    Piwik_Config::getInstance()->General['trusted_hosts'] = array($httphost);

    // simulate the request the server believes it is handling
    $_SERVER['REQUEST_URI'] = $requesturi;
    $_SERVER['SCRIPT_URI'] = $scripturi;
    $_SERVER['HTTP_HOST'] = $httphost;

    $actual = Piwik_Url::isLocalUrl($testurl);
    $this->assertEquals($result, $actual);
}
/**
 * Table-driven check of Piwik_Url::isLocalUrl().
 *
 * Each row is (HTTP_HOST, SCRIPT_URI, REQUEST_URI, url under test, expected).
 * The expectations show what the function is meant to be sensitive to: the
 * host (scheme and explicit :80 / :8080 ports, IPv4 and bracketed IPv6
 * literals included) — not the path, query or fragment. A null or empty URL
 * counts as local; a different scheme or a different host (including a
 * sub-domain) does not. The server globals are restored afterwards.
 */
public function test_isLocalUrl()
{
    $saved = $this->saveGlobals(array('HTTP_HOST', 'SCRIPT_URI', 'REQUEST_URI'));

    $cases = array(
        // same host, varying path / query / fragment -> local
        array('www.example.com', 'http://www.example.com/path/index.php', '/path/index.php', 'http://www.example.com/path/index.php', true),
        array('www.example.com', 'http://www.example.com/path/index.php?module=X', '/path/index.php', 'http://www.example.com/path/', true),
        array('www.example.com', 'http://www.example.com/path/', '/path/index.php', 'http://www.example.com/path/index.php?module=Y', true),
        array('www.example.com', 'http://www.example.com/path/#anchor', '/path/index.php', 'http://www.example.com/path/?query', true),
        array('localhost:8080', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
        array('www.example.com', 'http://www.example.com/path/', '/path/', 'http://www.example.com/path2/', true),
        // explicit default port on either side -> local
        array('www.example.com', 'http://www.example.com:80/path/index.php', '/path/index.php', 'http://www.example.com/path/index.php', true),
        array('www.example.com', 'http://www.example.com/path/index.php', '/path/index.php', 'http://www.example.com:80/path/index.php', true),
        // non-default port present or absent in HTTP_HOST / SCRIPT_URI / url -> local
        array('localhost', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
        array('localhost', 'http://localhost/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
        array('localhost', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost/path/index.php', true),
        array('localhost:8080', 'http://localhost/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
        array('localhost:8080', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost/path/index.php', true),
        array('localhost:8080', 'http://localhost/path/index.php', '/path/index.php', 'http://localhost/path/index.php', true),
        array('localhost:8080', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
        // bracketed IPv6 literals, with and without port -> local
        array('[::1]', 'http://[::1]/path/index.php', '/path/index.php', 'http://[::1]/path/index.php', true),
        array('[::1]:8080', 'http://[::1]:8080/path/index.php', '/path/index.php', 'http://[::1]/path/index.php', true),
        array('[::1]:8080', 'http://[::1]/path/index.php', '/path/index.php', 'http://[::1]:8080/path/index.php', true),
        // no SCRIPT_URI available: HTTP_HOST alone must suffice
        array('www.example.com', null, '/path/index.php', 'http://www.example.com/path/index.php', true),
        array('localhost:8080', null, '/path/index.php', 'http://localhost:8080/path/index.php', true),
        array('127.0.0.1:8080', null, '/path/index.php', 'http://127.0.0.1:8080/path/index.php', true),
        array('[::1]', null, '/path/index.php', 'http://[::1]/path/index.php', true),
        array('[::1]:8080', null, '/path/index.php', 'http://[::1]:8080/path/index.php', true),
        // absolute REQUEST_URI -> still local
        array('www.example.com', 'http://www.example.com/path/#anchor', 'http://www.example.com/path/index.php', 'http://www.example.com/path/?query', true),
        // url matches the SCRIPT_URI host rather than HTTP_HOST -> expected local here
        array('www.example.com', 'http://example.com/path/#anchor', '/path/index.php', 'http://example.com/path/referrer', true),
        // missing / empty url -> local (callers skip the check when no referrer was sent)
        array('www.example.com', 'http://www.example.com/path/#anchor', '/path/index.php', null, true),
        array('www.example.com', 'http://www.example.com/path/#anchor', '/path/index.php', '', true),
        // different scheme -> foreign
        array('www.example.com', 'http://www.example.com/path/?module=X', '/path/index.php', 'ftp://www.example.com/path/index.php', false),
        // different host, including a look-alike sub-domain -> foreign
        array('www.example.com', 'http://www.example.com/path/?module=X', '/path/index.php', 'http://example.com/path/index.php', false),
        array('www.example.com', 'http://www.example.com/path/', '/path/', 'http://crsf.example.com/path/', false),
    );

    foreach ($cases as $index => $case) {
        list($httpHost, $scriptUri, $requestUri, $candidate, $expected) = $case;

        $_SERVER['HTTP_HOST'] = $httpHost;
        $_SERVER['SCRIPT_URI'] = $scriptUri;
        $_SERVER['REQUEST_URI'] = $requestUri;

        // the row index is passed as the message so a failure names the case
        $this->assertEqual(Piwik_Url::isLocalUrl($candidate), $expected, $index);
    }

    $this->restoreGlobals($saved);
}
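/**
 * Output a redirection page instead of linking directly, so the Piwik demo
 * does not leak its own URL in the Referer header of outbound links.
 *
 * Only a URL accepted by self::isPiwikUrl() is ever redirected to; any other
 * target produces an empty response, which keeps this action from acting as
 * an open redirector. The Referer check is skipped when no Referer was sent,
 * since browsers and proxies may strip it.
 *
 * @param string $url (via $_GET) target of the redirection
 */
public function redirect()
{
    $url = Piwik_Common::getRequestVar('url', '', 'string', $_GET);

    // $url is reflected into HTML twice below (error text and a meta-refresh
    // attribute). getRequestVar() may already sanitise its result, so escape
    // with double_encode=false: already-escaped entities are left alone while
    // raw quotes / angle brackets are neutralised either way.
    $safeUrl = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);

    // validate referrer (only when one was sent)
    $referrer = Piwik_Url::getReferer();
    if (!empty($referrer) && !Piwik_Url::isLocalUrl($referrer)) {
        // die() terminates the script; no further exit is needed
        die('Invalid Referer detected - check that your browser sends the Referer header. <br/>The link you would have been redirected to is: ' . $safeUrl);
    }

    // mask visits to *.piwik.org; any other target yields a blank page
    if (self::isPiwikUrl($url)) {
        echo '<html><head> <meta http-equiv="refresh" content="0;url=' . $safeUrl . '" /> </head></html>';
    }
    exit;
}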