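	/**
	 * Verify nonce and check referrer (if present, i.e., it may be suppressed by the browser or a proxy/network).
	 *
	 * The nonce stored in the session namespace for $id must match $cnonce; when a Referer
	 * header is present it must point at this installation, and when an Origin header is
	 * present it must be a non-"null" value listed by getAcceptableOrigins().
	 *
	 * @param string $id Unique id
	 * @param string $cnonce Nonce sent to client
	 * @return bool true if valid; false otherwise
	 */
	static public function verifyNonce($id, $cnonce)
	{
		$ns = new Piwik_Session_Namespace($id);
		$nonce = $ns->nonce;

		// validate token: both sides must be strings, and the comparison runs in constant
		// time so a byte-by-byte mismatch does not leak how much of the nonce was correct
		if(empty($cnonce) || !is_string($cnonce) || !is_string($nonce)
			|| !hash_equals($nonce, $cnonce))
		{
			return false;
		}

		// validate referer (only when the browser actually sent one)
		$referer = Piwik_Url::getReferer();
		if(!empty($referer) && !Piwik_Url::isLocalUrl($referer))
		{
			return false;
		}

		// validate origin: a literal "null" origin is rejected, and the membership test is
		// strict so that only an exact string match against the acceptable list passes
		$origin = self::getOrigin();
		if(!empty($origin) &&
			($origin === 'null'
			|| !in_array($origin, self::getAcceptableOrigins(), true)))
		{
			return false;
		}

		return true;
	}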
 /**
  * Fixes the server globals for one getLocalUrls() row, then checks that
  * Piwik_Url::isLocalUrl() returns the expected flag for the URL under test.
  *
  * @dataProvider getLocalUrls
  * @group Core
  * @group Url
  */
 public function testIsLocalUrl($httphost, $scripturi, $requesturi, $testurl, $result)
 {
     $serverVars = array(
         'HTTP_HOST'   => $httphost,
         'SCRIPT_URI'  => $scripturi,
         'REQUEST_URI' => $requesturi,
     );
     foreach ($serverVars as $name => $value) {
         $_SERVER[$name] = $value;
     }

     $this->assertEquals($result, Piwik_Url::isLocalUrl($testurl));
 }
 /**
  * Fixes the server globals for one getLocalUrls() row, registers the host as
  * the single trusted host, then checks Piwik_Url::isLocalUrl() against the
  * expected flag for the URL under test.
  *
  * @dataProvider getLocalUrls
  * @group Core
  * @group Url
  */
 public function testIsLocalUrl($httphost, $scripturi, $requesturi, $testurl, $result)
 {
     $serverVars = array(
         'HTTP_HOST'   => $httphost,
         'SCRIPT_URI'  => $scripturi,
         'REQUEST_URI' => $requesturi,
     );
     foreach ($serverVars as $name => $value) {
         $_SERVER[$name] = $value;
     }

     // only the host of this row is trusted for the duration of the check
     $config = Piwik_Config::getInstance();
     $config->General['trusted_hosts'] = array($httphost);

     $this->assertEquals($result, Piwik_Url::isLocalUrl($testurl));
 }
 /**
  * Table-driven check of Piwik_Url::isLocalUrl(): every row fixes HTTP_HOST,
  * SCRIPT_URI and REQUEST_URI, then asserts the expected result for the URL
  * under test. The touched globals are restored afterwards.
  */
 public function test_isLocalUrl()
 {
     $saved = $this->saveGlobals(array('HTTP_HOST', 'SCRIPT_URI', 'REQUEST_URI'));

     // Each row: HTTP_HOST, SCRIPT_URI, REQUEST_URI, URL under test, expected result.
     $cases = array(
         array('www.example.com', 'http://www.example.com/path/index.php', '/path/index.php', 'http://www.example.com/path/index.php', true),
         array('www.example.com', 'http://www.example.com/path/index.php?module=X', '/path/index.php', 'http://www.example.com/path/', true),
         array('www.example.com', 'http://www.example.com/path/', '/path/index.php', 'http://www.example.com/path/index.php?module=Y', true),
         array('www.example.com', 'http://www.example.com/path/#anchor', '/path/index.php', 'http://www.example.com/path/?query', true),
         array('localhost:8080', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
         array('www.example.com', 'http://www.example.com/path/', '/path/', 'http://www.example.com/path2/', true),
         array('www.example.com', 'http://www.example.com:80/path/index.php', '/path/index.php', 'http://www.example.com/path/index.php', true),
         array('www.example.com', 'http://www.example.com/path/index.php', '/path/index.php', 'http://www.example.com:80/path/index.php', true),
         array('localhost', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
         array('localhost', 'http://localhost/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
         array('localhost', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost/path/index.php', true),
         array('localhost:8080', 'http://localhost/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
         array('localhost:8080', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost/path/index.php', true),
         array('localhost:8080', 'http://localhost/path/index.php', '/path/index.php', 'http://localhost/path/index.php', true),
         array('localhost:8080', 'http://localhost:8080/path/index.php', '/path/index.php', 'http://localhost:8080/path/index.php', true),
         array('[::1]', 'http://[::1]/path/index.php', '/path/index.php', 'http://[::1]/path/index.php', true),
         array('[::1]:8080', 'http://[::1]:8080/path/index.php', '/path/index.php', 'http://[::1]/path/index.php', true),
         array('[::1]:8080', 'http://[::1]/path/index.php', '/path/index.php', 'http://[::1]:8080/path/index.php', true),
         array('www.example.com', null, '/path/index.php', 'http://www.example.com/path/index.php', true),
         array('localhost:8080', null, '/path/index.php', 'http://localhost:8080/path/index.php', true),
         array('127.0.0.1:8080', null, '/path/index.php', 'http://127.0.0.1:8080/path/index.php', true),
         array('[::1]', null, '/path/index.php', 'http://[::1]/path/index.php', true),
         array('[::1]:8080', null, '/path/index.php', 'http://[::1]:8080/path/index.php', true),
         array('www.example.com', 'http://www.example.com/path/#anchor', 'http://www.example.com/path/index.php', 'http://www.example.com/path/?query', true),
         array('www.example.com', 'http://example.com/path/#anchor', '/path/index.php', 'http://example.com/path/referrer', true),
         array('www.example.com', 'http://www.example.com/path/#anchor', '/path/index.php', null, true),
         array('www.example.com', 'http://www.example.com/path/#anchor', '/path/index.php', '', true),
         array('www.example.com', 'http://www.example.com/path/?module=X', '/path/index.php', 'ftp://www.example.com/path/index.php', false),
         array('www.example.com', 'http://www.example.com/path/?module=X', '/path/index.php', 'http://example.com/path/index.php', false),
         array('www.example.com', 'http://www.example.com/path/', '/path/', 'http://crsf.example.com/path/', false),
     );

     foreach ($cases as $caseIndex => $case) {
         list($httpHost, $scriptUri, $requestUri, $urlToTest, $expected) = $case;
         $_SERVER['HTTP_HOST'] = $httpHost;
         $_SERVER['SCRIPT_URI'] = $scriptUri;
         $_SERVER['REQUEST_URI'] = $requestUri;
         // the row index is the assertion message, so a failure names the offending case
         $this->assertEqual(Piwik_Url::isLocalUrl($urlToTest), $expected, $caseIndex);
     }

     $this->restoreGlobals($saved);
 }
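    /**
     * Output redirection page instead of linking directly to avoid
     * exposing the referrer on the Piwik demo.
     *
     * The target URL comes from the request and is only ever emitted
     * HTML-escaped, both in the error text and inside the meta-refresh
     * attribute, so a crafted "url" parameter cannot break out of the markup.
     *
     * @param string $url (via $_GET)
     */
    public function redirect()
    {
        $url = Piwik_Common::getRequestVar('url', '', 'string', $_GET);
        // Escape for HTML output once; double_encode=false leaves any entities
        // already present in the value alone instead of encoding them twice.
        $safeUrl = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);

        // validate referrer (only when the browser actually sent one)
        $referrer = Piwik_Url::getReferer();
        if (!empty($referrer) && !Piwik_Url::isLocalUrl($referrer)) {
            // die() ends the script, so no separate exit is needed here
            die('Invalid Referer detected - check that your browser sends the Referer header. <br/>The link you would have been redirected to is: ' . $safeUrl);
        }

        // mask visits to *.piwik.org; the raw value is what isPiwikUrl() decides on
        if (self::isPiwikUrl($url)) {
            echo '<html><head>
<meta http-equiv="refresh" content="0;url=' . $safeUrl . '" />
</head></html>';
        }
        exit;
    }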