From 0cbe0b47967f7cc70f8d6291e983a1b706e37405 Mon Sep 17 00:00:00 2001
From: Shannon <sdeminick@gmail.com>
Date: Tue, 16 Jul 2019 22:34:34 +1000
Subject: [PATCH] Cherry picks ValidateUmbracoFormRouteStringAttribute
 implementation

---
 .../Controllers/UmbLoginController.cs         |  1 +
 .../Controllers/UmbLoginStatusController.cs   |  1 +
 .../Controllers/UmbProfileController.cs       |  1 +
 .../Controllers/UmbRegisterController.cs      |  1 +
 .../HttpUmbracoFormRouteStringException.cs    | 23 ++++++++
 ...ValidateUmbracoFormRouteStringAttribute.cs | 52 +++++++++++++++++++
 src/Umbraco.Web/Umbraco.Web.csproj            |  2 +
 7 files changed, 81 insertions(+)
 create mode 100644 src/Umbraco.Web/Mvc/HttpUmbracoFormRouteStringException.cs
 create mode 100644 src/Umbraco.Web/Mvc/ValidateUmbracoFormRouteStringAttribute.cs

diff --git a/src/Umbraco.Web/Controllers/UmbLoginController.cs b/src/Umbraco.Web/Controllers/UmbLoginController.cs
index 2980b4a4c0..2ff80e2668 100644
--- a/src/Umbraco.Web/Controllers/UmbLoginController.cs
+++ b/src/Umbraco.Web/Controllers/UmbLoginController.cs
@@ -22,6 +22,7 @@ namespace Umbraco.Web.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [ValidateUmbracoFormRouteString]
         public ActionResult HandleLogin([Bind(Prefix = "loginModel")]LoginModel model)
         {
             if (ModelState.IsValid == false)
diff --git a/src/Umbraco.Web/Controllers/UmbLoginStatusController.cs b/src/Umbraco.Web/Controllers/UmbLoginStatusController.cs
index fdc2de8c5f..8f572404fc 100644
--- a/src/Umbraco.Web/Controllers/UmbLoginStatusController.cs
+++ b/src/Umbraco.Web/Controllers/UmbLoginStatusController.cs
@@ -24,6 +24,7 @@ namespace Umbraco.Web.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [ValidateUmbracoFormRouteString]
         public ActionResult HandleLogout([Bind(Prefix = "logoutModel")]PostRedirectModel model)
         {
             if (ModelState.IsValid == false)
diff --git a/src/Umbraco.Web/Controllers/UmbProfileController.cs b/src/Umbraco.Web/Controllers/UmbProfileController.cs
index b14652ad2e..d9333e8e65 100644
--- a/src/Umbraco.Web/Controllers/UmbProfileController.cs
+++ b/src/Umbraco.Web/Controllers/UmbProfileController.cs
@@ -23,6 +23,7 @@ namespace Umbraco.Web.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [ValidateUmbracoFormRouteString]
         public ActionResult HandleUpdateProfile([Bind(Prefix = "profileModel")] ProfileModel model)
         {
             var provider = Core.Security.MembershipProviderExtensions.GetMembersMembershipProvider();
diff --git a/src/Umbraco.Web/Controllers/UmbRegisterController.cs b/src/Umbraco.Web/Controllers/UmbRegisterController.cs
index b0187d6127..4f4173a67d 100644
--- a/src/Umbraco.Web/Controllers/UmbRegisterController.cs
+++ b/src/Umbraco.Web/Controllers/UmbRegisterController.cs
@@ -24,6 +24,7 @@ namespace Umbraco.Web.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [ValidateUmbracoFormRouteString]
         public ActionResult HandleRegisterMember([Bind(Prefix = "registerModel")]RegisterModel model)
         {
             if (ModelState.IsValid == false)
diff --git a/src/Umbraco.Web/Mvc/HttpUmbracoFormRouteStringException.cs b/src/Umbraco.Web/Mvc/HttpUmbracoFormRouteStringException.cs
new file mode 100644
index 0000000000..d4734e5d24
--- /dev/null
+++ b/src/Umbraco.Web/Mvc/HttpUmbracoFormRouteStringException.cs
@@ -0,0 +1,23 @@
+using System;
+using System.Net;
+using System.Web;
+
+namespace Umbraco.Web.Mvc
+{
+    /// <summary>
+    /// Exception that occurs when an Umbraco form route string is invalid
+    /// </summary>
+    /// <seealso cref="System.Web.HttpException" />
+    [Serializable]
+    public sealed class HttpUmbracoFormRouteStringException : HttpException
+    {
+        /// <summary>
+        /// Initializes a new instance of the <see cref="HttpUmbracoFormRouteStringException" /> class.
+        /// </summary>
+        /// <param name="message">The error message displayed to the client when the exception is thrown.</param>
+        public HttpUmbracoFormRouteStringException(string message)
+            : base(message)
+        { }
+
+    }
+}
diff --git a/src/Umbraco.Web/Mvc/ValidateUmbracoFormRouteStringAttribute.cs b/src/Umbraco.Web/Mvc/ValidateUmbracoFormRouteStringAttribute.cs
new file mode 100644
index 0000000000..a57ce7e7f7
--- /dev/null
+++ b/src/Umbraco.Web/Mvc/ValidateUmbracoFormRouteStringAttribute.cs
@@ -0,0 +1,52 @@
+using System;
+using System.Net;
+using System.Web.Mvc;
+using Umbraco.Core;
+
+namespace Umbraco.Web.Mvc
+{
+    /// <summary>
+    /// Represents an attribute that is used to prevent an invalid Umbraco form request route string on a request.
+    /// </summary>
+    /// <seealso cref="System.Web.Mvc.FilterAttribute" />
+    /// <seealso cref="System.Web.Mvc.IAuthorizationFilter" />
+    [AttributeUsage(AttributeTargets.Class | AttributeTargets.Method, AllowMultiple = false, Inherited = true)]
+    public sealed class ValidateUmbracoFormRouteStringAttribute : FilterAttribute, IAuthorizationFilter
+    {
+        /// <summary>
+        /// Called when authorization is required.
+        /// </summary>
+        /// <param name="filterContext">The filter context.</param>
+        /// <exception cref="ArgumentNullException">filterContext</exception>
+        /// <exception cref="Umbraco.Web.Mvc.HttpUmbracoFormRouteStringException">The required request field \"ufprt\" is not present.
+        /// or
+        /// The Umbraco form request route string could not be decrypted.
+        /// or
+        /// The provided Umbraco form request route string was meant for a different controller and action.</exception>
+        public void OnAuthorization(AuthorizationContext filterContext)
+        {
+            if (filterContext == null)
+            {
+                throw new ArgumentNullException(nameof(filterContext));
+            }
+
+            var ufprt = filterContext.HttpContext.Request["ufprt"];
+            if (ufprt.IsNullOrWhiteSpace())
+            {
+                throw new HttpUmbracoFormRouteStringException("The required Umbraco request data is invalid.");
+            }
+
+            if (!UmbracoHelper.DecryptAndValidateEncryptedRouteString(ufprt, out var additionalDataParts))
+            {
+                throw new HttpUmbracoFormRouteStringException("The required Umbraco request data is invalid.");
+            }
+
+            if (additionalDataParts[RenderRouteHandler.ReservedAdditionalKeys.Controller] != filterContext.ActionDescriptor.ControllerDescriptor.ControllerName ||
+                additionalDataParts[RenderRouteHandler.ReservedAdditionalKeys.Action] != filterContext.ActionDescriptor.ActionName ||
+                additionalDataParts[RenderRouteHandler.ReservedAdditionalKeys.Area].NullOrWhiteSpaceAsNull() != filterContext.RouteData.DataTokens["area"]?.ToString().NullOrWhiteSpaceAsNull())
+            {
+                throw new HttpUmbracoFormRouteStringException("The required Umbraco request data is invalid.");
+            }
+        }
+    }
+}
diff --git a/src/Umbraco.Web/Umbraco.Web.csproj b/src/Umbraco.Web/Umbraco.Web.csproj
index 105a40b4a7..39a05ddbc4 100755
--- a/src/Umbraco.Web/Umbraco.Web.csproj
+++ b/src/Umbraco.Web/Umbraco.Web.csproj
@@ -219,8 +219,10 @@
     <Compile Include="Models\Mapping\MapperContextExtensions.cs" />
     <Compile Include="Models\PublishedContent\HybridVariationContextAccessor.cs" />
     <Compile Include="Models\TemplateQuery\QueryConditionExtensions.cs" />
+    <Compile Include="Mvc\HttpUmbracoFormRouteStringException.cs" />
     <Compile Include="Mvc\ModelBindingExceptionFilter.cs" />
     <Compile Include="Mvc\SurfaceControllerTypeCollectionBuilder.cs" />
+    <Compile Include="Mvc\ValidateUmbracoFormRouteStringAttribute.cs" />
     <Compile Include="Profiling\WebProfilingController.cs" />
     <Compile Include="PublishedCache\NuCache\Snap\GenObj.cs" />
     <Compile Include="PublishedCache\NuCache\Snap\GenRef.cs" />