SecurityIssues
OntoWiki is not tested for security yet...
HTTP parameters should be validated against their expected type. For example, if a parameter r is expected to contain a URI and is used in a SPARQL query, you should make sure it does not contain something like "> } UNION {[bad]} UNION {<http://notexisting", which would close the URI term and inject additional query patterns. We plan to use Zend_Validator classes in Ontowiki_Request::getParam.

From http://www.acunetix.com/websitesecurity/crlf-injection.htm: PHP has several functions that take filenames as one of their arguments: fopen(), file() and some others. If allow_url_fopen is set to On in php.ini, those functions also accept URLs instead of regular files, and they connect to the server in question with the correct protocol. This functionality is vulnerable to some CRLF injection attacks.
One solution is to make sure that all variables that are used in this type of URL are clean, by including this command in your PHP scripts:
$var = preg_replace('/\\s+/', '', $var);
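The two checks described above, as an added example that is not OntoWiki code: a type-aware getter for a URI parameter that rejects the injected "> } UNION ..." shape before the value reaches a SPARQL query, and the whitespace stripping for values that go into fopen()/file() URLs. It uses plain PHP (filter_var) where the page plans to use Zend_Validator; the function and parameter names are assumptions.

```php
<?php
// Added example (not OntoWiki code). Validates a URI-typed HTTP parameter
// before it is embedded in a SPARQL query, and strips CR/LF from values
// used in fopen()/file() URLs when allow_url_fopen is On.

/**
 * Return the parameter only if it is an absolute URI made of characters that
 * cannot terminate the <...> IRI term in a SPARQL query; otherwise null.
 */
function getUriParam(array $params, string $name): ?string
{
    if (!isset($params[$name]) || !is_string($params[$name])) {
        return null;
    }
    $value = $params[$name];
    // Characters RFC 3987 forbids in an IRI; they are also the ones that
    // could close the <...> term or introduce new query syntax.
    if (preg_match('/[<>"{}|^`\\\\\s]/', $value)) {
        return null;
    }
    // Require an absolute URI with a scheme.
    if (filter_var($value, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    return $value;
}

/** Build the query only from a value that passed getUriParam(). */
function buildQuery(string $uri): string
{
    return "SELECT ?p ?o WHERE { <$uri> ?p ?o }";
}

/** The page's fix for URL-bound variables: remove CR, LF and other whitespace. */
function stripCrlf(string $value): string
{
    return preg_replace('/\s+/', '', $value);
}

// Constructed sample input: a legitimate resource URI and the injection
// string quoted on this page.
$good = ['r' => 'http://example.org/resource/1'];
$bad  = ['r' => '> } UNION {[bad]} UNION {<http://notexisting'];

var_dump(getUriParam($good, 'r'));
var_dump(getUriParam($bad, 'r'));
echo buildQuery(getUriParam($good, 'r')), "\n";
var_dump(stripCrlf("path\r\nInjected-Header: x"));
```

Rejecting the whole request (here: returning null) is safer than trying to sanitise a URI, since any "cleaned" value may still not be the resource the caller meant.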