nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix possible XSS on IIS redirect page.

Browse Source
This commit is contained in:
Michal Čihař
2010-08-20 11:19:28 +02:00
parent 0fd0512c9b
commit 2051a861f8
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
libraries/common.lib.php
View File

@@ -622,22 +622,23 @@ function PMA_convert_using($string, $mode='unquoted', $force_utf8 = false)
function PMA_sendHeaderLocation($uri)
{
if (PMA_IS_IIS && strlen($uri) > 600) {
require_once './libraries/js_escape.lib.php';
echo '<html><head><title>- - -</title>' . "\n";
echo '<meta http-equiv="expires" content="0">' . "\n";
echo '<meta http-equiv="Pragma" content="no-cache">' . "\n";
echo '<meta http-equiv="Cache-Control" content="no-cache">' . "\n";
echo '<meta http-equiv="Refresh" content="0;url=' .$uri . '">' . "\n";
echo '<meta http-equiv="Refresh" content="0;url=' . htmlspecialchars($uri) . '">' . "\n";
echo '<script type="text/javascript">' . "\n";
echo '//<![CDATA[' . "\n";
echo 'setTimeout("window.location = unescape(\'"' . $uri . '"\')", 2000);' . "\n";
echo 'setTimeout("window.location = unescape(\'"' . PMA_escapeJsString($uri) . '"\')", 2000);' . "\n";
echo '//]]>' . "\n";
echo '</script>' . "\n";
echo '</head>' . "\n";
echo '<body>' . "\n";
echo '<script type="text/javascript">' . "\n";
echo '//<![CDATA[' . "\n";
echo 'document.write(\'<p><a href="' . $uri . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
echo 'document.write(\'<p><a href="' . htmlspecialchars($uri) . '">' . $GLOBALS['strGo'] . '</a></p>\');' . "\n";
echo '//]]>' . "\n";
echo '</script></body></html>' . "\n";