Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #2852361 by Xano, smustgrave, pwolanin, mpdonadio, wolffereast, ranjith_kumar_k_u, John Cook, xjm, alexpott: Ignore repeated slashes in the incoming path like Drupal <= 7

merge-requests/2501/merge
catch 2022-07-22 14:29:26 +09:00
parent b271615b24
commit 511778a7a8
2 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
core/lib/Drupal/Core/EventSubscriber/RedirectLeadingSlashesSubscriber.php
View File

@ -8,12 +8,12 @@ use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
/**
* Redirects paths starting with multiple slashes to a single slash.
* Redirects paths containing successive slashes to those with single slashes.
*/
class RedirectLeadingSlashesSubscriber implements EventSubscriberInterface {
/**
* Redirects paths starting with multiple slashes to a single slash.
* Redirects paths containing successive slashes to those with single slashes.
*
* @param \Symfony\Component\HttpKernel\Event\RequestEvent $event
* The RequestEvent to process.
@ -28,8 +28,8 @@ class RedirectLeadingSlashesSubscriber implements EventSubscriberInterface {
// submits back to the same URI this presents an open redirect
// vulnerability. Also, Drupal 7 renders the same page for
// http://www.example.org/foo and http://www.example.org////foo.
if (strpos($path, '//') === 0) {
$path = '/' . ltrim($path, '/');
if (strpos($path, '//') !== FALSE) {
$path = preg_replace('/\/+/', '/', $path);
$qs = $request->getQueryString();
if ($qs) {
$qs = '?' . $qs;

13
core/modules/system/tests/src/Functional/Routing/RouterTest.php
View File

@ -319,17 +319,18 @@ class RouterTest extends BrowserTestBase {
}
/**
* Ensure that multiple leading slashes are redirected.
* Ensure that multiple successive slashes are redirected.
*/
public function testLeadingSlashes() {
public function testSuccessiveSlashes() {
$request = $this->container->get('request_stack')->getCurrentRequest();
$url = $request->getUriForPath('//router_test/test1');
// Test a simple path with successive leading slashes.
$url = $request->getUriForPath('//////router_test/test1');
$this->drupalGet($url);
$this->assertSession()->addressEquals($request->getUriForPath('/router_test/test1'));
// It should not matter how many leading slashes are used and query strings
// should be preserved.
$url = $request->getUriForPath('/////////////////////////////////////////////////router_test/test1') . '?qs=test';
// Test successive slashes in the middle.
$url = $request->getUriForPath('/router_test//////test1') . '?qs=test';
$this->drupalGet($url);
$this->assertSession()->addressEquals($request->getUriForPath('/router_test/test1') . '?qs=test');