1 |
240bc75b
|
Assos Assos
|
<?php
|
2 |
|
|
|
3 |
|
|
/**
|
4 |
|
|
* @file
|
5 |
|
|
* Contains code for sanitizing user input from the request.
|
6 |
|
|
*/
|
7 |
|
|
|
8 |
|
|
/**
|
9 |
|
|
* Sanitizes user input from the request.
|
10 |
|
|
*/
|
11 |
|
|
class DrupalRequestSanitizer {
|
12 |
|
|
|
13 |
|
|
/**
|
14 |
|
|
* Tracks whether the request was already sanitized.
|
15 |
|
|
*/
|
16 |
|
|
protected static $sanitized = FALSE;
|
17 |
|
|
|
18 |
|
|
/**
|
19 |
|
|
* Modifies the request to strip dangerous keys from user input.
|
20 |
|
|
*/
|
21 |
|
|
public static function sanitize() {
|
22 |
|
|
if (!self::$sanitized) {
|
23 |
|
|
$whitelist = variable_get('sanitize_input_whitelist', array());
|
24 |
|
|
$log_sanitized_keys = variable_get('sanitize_input_logging', FALSE);
|
25 |
|
|
|
26 |
|
|
// Process query string parameters.
|
27 |
|
|
$get_sanitized_keys = array();
|
28 |
|
|
$_GET = self::stripDangerousValues($_GET, $whitelist, $get_sanitized_keys);
|
29 |
|
|
if ($log_sanitized_keys && $get_sanitized_keys) {
|
30 |
|
|
_drupal_trigger_error_with_delayed_logging(format_string('Potentially unsafe keys removed from query string parameters (GET): @keys', array('@keys' => implode(', ', $get_sanitized_keys))), E_USER_NOTICE);
|
31 |
|
|
}
|
32 |
|
|
|
33 |
|
|
// Process request body parameters.
|
34 |
|
|
$post_sanitized_keys = array();
|
35 |
|
|
$_POST = self::stripDangerousValues($_POST, $whitelist, $post_sanitized_keys);
|
36 |
|
|
if ($log_sanitized_keys && $post_sanitized_keys) {
|
37 |
|
|
_drupal_trigger_error_with_delayed_logging(format_string('Potentially unsafe keys removed from request body parameters (POST): @keys', array('@keys' => implode(', ', $post_sanitized_keys))), E_USER_NOTICE);
|
38 |
|
|
}
|
39 |
|
|
|
40 |
|
|
// Process cookie parameters.
|
41 |
|
|
$cookie_sanitized_keys = array();
|
42 |
|
|
$_COOKIE = self::stripDangerousValues($_COOKIE, $whitelist, $cookie_sanitized_keys);
|
43 |
|
|
if ($log_sanitized_keys && $cookie_sanitized_keys) {
|
44 |
|
|
_drupal_trigger_error_with_delayed_logging(format_string('Potentially unsafe keys removed from cookie parameters (COOKIE): @keys', array('@keys' => implode(', ', $cookie_sanitized_keys))), E_USER_NOTICE);
|
45 |
|
|
}
|
46 |
|
|
|
47 |
|
|
$request_sanitized_keys = array();
|
48 |
|
|
$_REQUEST = self::stripDangerousValues($_REQUEST, $whitelist, $request_sanitized_keys);
|
49 |
|
|
|
50 |
|
|
self::$sanitized = TRUE;
|
51 |
|
|
}
|
52 |
|
|
}
|
53 |
|
|
|
54 |
01f36513
|
Assos Assos
|
/**
|
55 |
|
|
* Removes the destination if it is dangerous.
|
56 |
|
|
*
|
57 |
|
|
* Note this can only be called after common.inc has been included.
|
58 |
|
|
*
|
59 |
|
|
* @return bool
|
60 |
|
|
* TRUE if the destination has been removed from $_GET, FALSE if not.
|
61 |
|
|
*/
|
62 |
|
|
public static function cleanDestination() {
|
63 |
|
|
$dangerous_keys = array();
|
64 |
|
|
$log_sanitized_keys = variable_get('sanitize_input_logging', FALSE);
|
65 |
|
|
|
66 |
|
|
$parts = drupal_parse_url($_GET['destination']);
|
67 |
|
|
// If there is a query string, check its query parameters.
|
68 |
|
|
if (!empty($parts['query'])) {
|
69 |
|
|
$whitelist = variable_get('sanitize_input_whitelist', array());
|
70 |
|
|
|
71 |
|
|
self::stripDangerousValues($parts['query'], $whitelist, $dangerous_keys);
|
72 |
|
|
if (!empty($dangerous_keys)) {
|
73 |
|
|
// The destination is removed rather than sanitized to mirror the
|
74 |
|
|
// handling of external destinations.
|
75 |
|
|
unset($_GET['destination']);
|
76 |
|
|
unset($_REQUEST['destination']);
|
77 |
|
|
if ($log_sanitized_keys) {
|
78 |
|
|
trigger_error(format_string('Potentially unsafe destination removed from query string parameters (GET) because it contained the following keys: @keys', array('@keys' => implode(', ', $dangerous_keys))));
|
79 |
|
|
}
|
80 |
|
|
return TRUE;
|
81 |
|
|
}
|
82 |
|
|
}
|
83 |
|
|
return FALSE;
|
84 |
|
|
}
|
85 |
|
|
|
86 |
240bc75b
|
Assos Assos
|
/**
|
87 |
|
|
* Strips dangerous keys from the provided input.
|
88 |
|
|
*
|
89 |
|
|
* @param mixed $input
|
90 |
|
|
* The input to sanitize.
|
91 |
|
|
* @param string[] $whitelist
|
92 |
|
|
* An array of keys to whitelist as safe.
|
93 |
|
|
* @param string[] $sanitized_keys
|
94 |
|
|
* An array of keys that have been removed.
|
95 |
|
|
*
|
96 |
|
|
* @return mixed
|
97 |
|
|
* The sanitized input.
|
98 |
|
|
*/
|
99 |
|
|
protected static function stripDangerousValues($input, array $whitelist, array &$sanitized_keys) {
|
100 |
|
|
if (is_array($input)) {
|
101 |
|
|
foreach ($input as $key => $value) {
|
102 |
6b24a280
|
Assos Assos
|
if ($key !== '' && is_string($key) && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) {
|
103 |
240bc75b
|
Assos Assos
|
unset($input[$key]);
|
104 |
|
|
$sanitized_keys[] = $key;
|
105 |
|
|
}
|
106 |
|
|
else {
|
107 |
|
|
$input[$key] = self::stripDangerousValues($input[$key], $whitelist, $sanitized_keys);
|
108 |
|
|
}
|
109 |
|
|
}
|
110 |
|
|
}
|
111 |
|
|
return $input;
|
112 |
|
|
}
|
113 |
|
|
|
114 |
|
|
} |