PHP Cross Reference of MediaWiki-1.24.0

/includes/libs/ -> IEUrlExtension.php (summary)

Checks for validity of requested URL's extension. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

File Size: 271 lines (9 kb)
Included or required: 0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

IEUrlExtension:: (5 methods):
  areServerVarsBad()
  isUrlExtensionBad()
  fixUrlForIE6()
  findIE6Extension()
  haveUndecodedRequestUri()


Class: IEUrlExtension

Internet Explorer derives a cache filename from a URL, and then in certain
circumstances, uses the extension of the resulting file to determine the
content type of the data, ignoring the Content-Type header.

This can be a problem, especially when non-HTML content is sent by MediaWiki,
and Internet Explorer interprets it as HTML, exposing an XSS vulnerability.

Usually the script filename (e.g. api.php) is present in the URL, and this
makes Internet Explorer think the extension is a harmless script extension.
But Internet Explorer 6 and earlier allows the script extension to be
obscured by encoding the dot as "%2E".

This class contains functions which help in detecting and dealing with this
situation.

Checking the URL for a bad extension is somewhat complicated due to the fact
that CGI doesn't provide a standard method to determine the URL. Instead it
is necessary to pass a subset of $_SERVER variables, which we then attempt
to use to guess parts of the URL.

areServerVarsBad( $vars, $extWhitelist = array() )
Check a subset of $_SERVER (or the whole of $_SERVER if you like)
to see if it indicates that the request was sent with a bad file
extension. Returns true if the request should be denied or modified,
false otherwise. The relevant $_SERVER elements are:

- SERVER_SOFTWARE
- REQUEST_URI
- QUERY_STRING
- PATH_INFO

If a variable is unset in $_SERVER, it should be unset in $vars.

param: array $vars A subset of $_SERVER.
param: array $extWhitelist Extensions which are allowed, assumed harmless.
return: bool

isUrlExtensionBad( $urlPart, $extWhitelist = array() )
Given a right-hand portion of a URL, determine whether IE would detect
a potentially harmful file extension.

param: string $urlPart The right-hand portion of a URL
param: array $extWhitelist An array of file extensions which may occur in this
return: bool

fixUrlForIE6( $url, $extWhitelist = array() )
Returns a variant of $url which will pass isUrlExtensionBad() but has the
same GET parameters, or false if it can't figure one out.

param: string $url
param: array $extWhitelist
return: bool|string

findIE6Extension( $url )
Determine what extension IE6 will infer from a certain query string.
If the URL has an extension before the question mark, IE6 will use
that and ignore the query string, but per the comment at
isPathInfoBad() we don't have a reliable way to determine the URL,
so isPathInfoBad() just passes in the query string for $url.
All entry points have safe extensions (php, php5) anyway, so
checking the query string is possibly overly paranoid but never
insecure.

The criteria for finding an extension are as follows:
- a possible extension is a dot followed by one or more characters not
  in <>\"/:|?.#
- if we find a possible extension followed by the end of the string or
  a #, that's our extension
- if we find a possible extension followed by a ?, that's our extension,
  UNLESS it's exe, dll or cgi, in which case we ignore it and continue
  searching for another possible extension
- if we find a possible extension followed by a dot or another illegal
  character, we ignore it and continue searching

param: string $url URL
return: mixed Detected extension (string), or false if none found
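The criteria above, and the allow-list check that isUrlExtensionBad() performs on the result, re-implemented as an added Python example (this is not MediaWiki's code; the treatment of php/php5 as safe script extensions follows the text, and the assumption that nothing after a # is examined is noted in the code). The demo at the bottom shows why the %2E obscuring matters: on a server that leaves REQUEST_URI undecoded, the script name carries no dot and IE6 latches on to an extension from the query string instead.

```python
from typing import Optional

ILLEGAL_CHARS = set('<>\\"/:|?.#')            # characters that end a possible extension
IGNORED_BEFORE_QUERY = {'exe', 'dll', 'cgi'}  # skipped when immediately followed by '?'
SCRIPT_EXTENSIONS = {'php', 'php5'}           # entry-point extensions the text calls safe


def find_ie6_extension(url: str) -> Optional[str]:
    """Return the extension IE6 would infer from url, or None if there is none."""
    # Assumption: the criteria treat '#' as a terminator, so nothing after it is scanned.
    hash_pos = url.find('#')
    end_of_url = len(url) if hash_pos == -1 else hash_pos
    pos = 0
    while pos < end_of_url:
        dot = url.find('.', pos, end_of_url)
        if dot == -1:
            return None
        start = dot + 1
        end = start
        while end < end_of_url and url[end] not in ILLEGAL_CHARS:
            end += 1
        ext = url[start:end]
        pos = end
        if not ext:
            continue              # dot directly followed by an illegal character
        if end == end_of_url:
            return ext            # followed by end of string or by '#'
        if url[end] == '?':
            if ext.lower() in IGNORED_BEFORE_QUERY:
                continue          # exe/dll/cgi before '?' are ignored
            return ext
        # followed by '.', '/', ':' or another illegal character: keep searching
    return None


def is_url_extension_bad(url_part: str, ext_whitelist=()) -> bool:
    """True if IE6 would infer an extension that is neither a script extension
    nor in the caller's allow-list (the semantics the summary describes)."""
    ext = find_ie6_extension(url_part)
    if ext is None:
        return False
    return ext.lower() not in SCRIPT_EXTENSIONS and ext not in set(ext_whitelist)


if __name__ == '__main__':
    # Constructed request URIs: the same request with and without the dot encoded.
    for u in ('api.php?format=json&f=x.html', 'api%2Ephp?format=json&f=x.html'):
        verdict = 'bad' if is_url_extension_bad(u) else 'ok'
        print(u, '->', find_ie6_extension(u), verdict)
```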

haveUndecodedRequestUri( $serverSoftware )
When passed the value of $_SERVER['SERVER_SOFTWARE'], this function
returns true if that server is known to have a REQUEST_URI variable
with %2E not decoded to ".". On such a server, it is possible to detect
whether the script filename has been obscured.

The function returns false if the server is not known to have this
behavior. Microsoft IIS in particular is known to decode escaped script
filenames.

SERVER_SOFTWARE typically contains either a plain string such as "Zeus",
or a specification in the style of a User-Agent header, such as
"Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.8a PHP/4.4.2".

param: string $serverSoftware The value of $_SERVER['SERVER_SOFTWARE']
return: bool



Generated: Fri Nov 28 14:03:12 2014 Cross-referenced by PHPXref 0.7.1