Fixes U4-1485 Booting.aspx has potential Open Redirect flaw

2013-01-17 08:38:09 -01:00
parent 816afe5abc
commit 5f1e327e4a
2 changed files with 76 additions and 26 deletions
--- a/src/Umbraco.Web.UI/config/splashes/booting.aspx
+++ b/src/Umbraco.Web.UI/config/splashes/booting.aspx
@@ -1,15 +1,23 @@
 <%@ Page Language="C#" AutoEventWireup="true" Inherits="System.Web.UI.Page" %>

+<%
+    // NH: Adds this inline check to avoid a simple codebehind file in the legacy project!
+    if (!umbraco.cms.helpers.url.ValidateProxyUrl(Request["url"], Request.Url.AbsoluteUri))
+    {
+        throw new ArgumentException("Can't redirect to the requested url - it's not local or an approved proxy url",
+                                    "url");
+    }
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" >
+<html xmlns="http://www.w3.org/1999/xhtml">
 <head>
    <title>The website is restarting</title>
-    <META HTTP-EQUIV=REFRESH CONTENT="10; URL=<%=Request["url"] %>">
+    <meta http-equiv="REFRESH" content="10; URL=<%=Request["url"] %>">
 </head>
 <body>
    <h1>The website is restarting</h1>
    <p>Please wait for 10s while we prepare to serve the page you have requested...</p>
-    
+
    <p style="border-top: 1px solid #ccc; padding-top: 10px;">
        <small>You can modify the design of this page by editing /config/splashes/booting.aspx</small>
    </p>