Commit 520d915d authored by Robert Lyon's avatar Robert Lyon

Security bug 1770561: Avoid back button vulnerability



Use a redirect so that sensitive data is not exposed after login /
password reset

behatnotneeded

Change-Id: I4d64c7c51bb1af81dac594de0563be243a990ed6
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent cfed69ea
......@@ -1072,7 +1072,7 @@ function auth_check_required_fields() {
'action' => '',
'elements' => $elements,
'dieaftersubmit' => FALSE,
'backoutaftersubmit' => TRUE,
'backoutaftersubmit' => FALSE,
));
}
......@@ -1253,9 +1253,6 @@ function requiredfields_submit(Pieform $form, $values) {
}
$SESSION->set('nocheckrequiredfields', true);
if ($form->get_property('backoutaftersubmit')) {
return;
}
redirect();
}
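Review bot: The `redirect();` on the last line of the hunk is now unconditional but carries no comment saying why, and this is the security-relevant part of the change; a one-liner such as `// Always redirect after the POST so the submitted values (which may include a new password) are not re-served by the browser's Back/Refresh` would keep the next maintainer from reinstating the early return. With the early return removed and the form definition now setting `'backoutaftersubmit' => FALSE` in the first hunk, the property is no longer read here; if no other form relies on it, the flag could be dropped from the definition rather than left as a dead setting, which is not verifiable from this hunk. requiredfields_submit starts outside the hunk.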
......@@ -1818,15 +1815,10 @@ function login_submit(Pieform $form, $values) {
}
}
auth_check_admin_section();
// This is also checked in $USER->login(), but it's good to check it again here in case a buggy auth plugin
// lets a suspended user through somehow.
ensure_user_account_is_active();
// Do redirect on login to avoid browser back button exploit
$requesturi = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
redirect($requesturi);
// User is allowed to log in
//$USER->login($userdata);
auth_check_required_fields();
}
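Review bot: The redirect target built on `$requesturi = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];` always appends `?`, so a login reached without a query string redirects to the script path with a bare trailing `?`, and under SAPIs that do not populate QUERY_STRING the concatenation raises an undefined-index notice; `$requesturi = $_SERVER['SCRIPT_NAME'] . (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] !== '' ? '?' . $_SERVER['QUERY_STRING'] : '');` avoids both. Because the path comes from SCRIPT_NAME rather than a user-supplied return URL the target stays on the same origin and this is not an open redirect; the query string is the only request-controlled part and is carried over verbatim, which appears to be the intent. If `redirect()` terminates the request, as redirect helpers usually do, the `auth_check_required_fields();` line after it is unreachable on this path, so the required-fields check must happen on the follow-up GET — worth confirming rather than assuming. The comment above the redirect would be more useful as `// Post/Redirect/Get: the response to the credential POST is never rendered, so Back/Refresh cannot re-display or re-submit it`. login_submit's body starts outside the hunk.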
/**