Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #1558464 by Berdir, chx, fago, greggles: Fixed SA-CORE-2012-002 - Unvalidated form redirect.

8.0.x
webchick 2012-05-05 10:01:11 -07:00
parent 845d9839fd
commit 00e99a41cb
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/modules/user/user.module
View File

@ -1025,7 +1025,7 @@ function user_account_form_validate($form, &$form_state) {
}
function user_login_block($form) {
$form['#action'] = url(current_path(), array('query' => drupal_get_destination()));
$form['#action'] = url(current_path(), array('query' => drupal_get_destination(), 'external' => FALSE));
$form['#id'] = 'user-login-form';
$form['#validate'] = user_login_default_validators();
$form['#submit'][] = 'user_login_submit';

7
core/modules/user/user.test
View File

@ -1616,6 +1616,13 @@ class UserBlocksUnitTests extends DrupalWebTestCase {
$this->drupalPost('filter/tips', $edit, t('Log in'));
$this->assertNoText(t('User login'), t('Logged in.'));
$this->assertPattern('!<title.*?' . t('Compose tips') . '.*?</title>!', t('Still on the same page after login for allowed page'));
// Check that the user login block is not vulnerable to information
// disclosure to third party sites.
$this->drupalLogout();
$this->drupalPost('http://example.com/', $edit, t('Log in'), array('external' => FALSE));
// Check that we remain on the site after login.
$this->assertEqual(url('user/' . $user->uid, array('absolute' => TRUE)), $this->getUrl(), t('Redirected to user profile page after login from the frontpage'));
}
/**