fix: [userSettings] Perform URI validation for bookmarks
- As reported by Dawid Czarnecki from Zigrin Securitycli-modification-summary
parent
dfb8d73a92
commit
14ec995c2b
|
@ -135,4 +135,18 @@ class UserSettingsTable extends AppTable
|
||||||
}
|
}
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* validURI - Ensure the provided URI can be safely put as a link
|
||||||
|
*
|
||||||
|
* @param String $uri
|
||||||
|
* @return bool if the URI is safe to be put as a link
|
||||||
|
*/
|
||||||
|
public function validURI(String $uri): bool
|
||||||
|
{
|
||||||
|
$parsed = parse_url($uri);
|
||||||
|
$isLocalPath = empty($parsed['scheme']) && empty($parsed['domain']) && !empty($parsed['path']);
|
||||||
|
$isValidURL = !empty($parsed['scheme']) && in_array($parsed['scheme'], ['http', 'https']) && filter_var($uri, FILTER_SANITIZE_URL);
|
||||||
|
return $isLocalPath || $isValidURL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,9 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use Cake\ORM\TableRegistry;
|
||||||
|
|
||||||
$bookmarks = !empty($loggedUser->user_settings_by_name['ui.bookmarks']['value']) ? json_decode($loggedUser->user_settings_by_name['ui.bookmarks']['value'], true) : [];
|
$bookmarks = !empty($loggedUser->user_settings_by_name['ui.bookmarks']['value']) ? json_decode($loggedUser->user_settings_by_name['ui.bookmarks']['value'], true) : [];
|
||||||
|
$this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings');
|
||||||
?>
|
?>
|
||||||
|
|
||||||
<h3>
|
<h3>
|
||||||
|
@ -13,9 +17,15 @@ $bookmarks = !empty($loggedUser->user_settings_by_name['ui.bookmarks']['value'])
|
||||||
<ul class="col-sm-12 col-md-10 col-l-8 col-xl-8 mb-3">
|
<ul class="col-sm-12 col-md-10 col-l-8 col-xl-8 mb-3">
|
||||||
<?php foreach ($bookmarks as $bookmark) : ?>
|
<?php foreach ($bookmarks as $bookmark) : ?>
|
||||||
<li class="list-group-item">
|
<li class="list-group-item">
|
||||||
|
<?php if ($this->userSettingsTable->validURI($bookmark['url'])): ?>
|
||||||
<a href="<?= h($bookmark['url']) ?>" class="w-bold">
|
<a href="<?= h($bookmark['url']) ?>" class="w-bold">
|
||||||
<?= h($bookmark['label']) ?>
|
<?= h($bookmark['label']) ?>
|
||||||
</a>
|
</a>
|
||||||
|
<?php else: ?>
|
||||||
|
<span class="w-bold">
|
||||||
|
<?= h($bookmark['url']) ?>
|
||||||
|
</span>
|
||||||
|
<?php endif; ?>
|
||||||
<span class="ms-3 fw-light"><?= h($bookmark['name']) ?></span>
|
<span class="ms-3 fw-light"><?= h($bookmark['name']) ?></span>
|
||||||
</li>
|
</li>
|
||||||
<?php endforeach; ?>
|
<?php endforeach; ?>
|
||||||
|
|
|
@ -1,5 +1,8 @@
|
||||||
<?php
|
<?php
|
||||||
use Cake\Routing\Router;
|
use Cake\Routing\Router;
|
||||||
|
use Cake\ORM\TableRegistry;
|
||||||
|
|
||||||
|
$this->userSettingsTable = TableRegistry::getTableLocator()->get('UserSettings');
|
||||||
|
|
||||||
$seed = 'sb-' . mt_rand();
|
$seed = 'sb-' . mt_rand();
|
||||||
$icon = $entry['icon'] ?? '';
|
$icon = $entry['icon'] ?? '';
|
||||||
|
@ -14,6 +17,8 @@
|
||||||
$active = true;
|
$active = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$validURI = $this->userSettingsTable->validURI($url);
|
||||||
|
|
||||||
echo $this->Bootstrap->button([
|
echo $this->Bootstrap->button([
|
||||||
'nodeType' => 'a',
|
'nodeType' => 'a',
|
||||||
'text' => h($label),
|
'text' => h($label),
|
||||||
|
@ -22,9 +27,9 @@
|
||||||
'outline' => !$active,
|
'outline' => !$active,
|
||||||
'size' => 'sm',
|
'size' => 'sm',
|
||||||
'icon' => h($icon),
|
'icon' => h($icon),
|
||||||
'class' => ['mb-1'],
|
'class' => ['mb-1', !$validURI ? 'disabled' : ''],
|
||||||
'params' => [
|
'params' => [
|
||||||
'href' => h($url),
|
'href' => $validURI ? h($url) : '#',
|
||||||
]
|
]
|
||||||
]);
|
]);
|
||||||
?>
|
?>
|
||||||
|
|
Loading…
Reference in New Issue