EXTENDCOMM-55 : Avoid open redirect when deleting a comment

seboo · seboo · commit c6b3774e9e33 · 2018-08-01T15:33:37.000+02:00
diff --git a/src/java/fr/paris/lutece/plugins/extend/modules/comment/web/CommentApp.java b/src/java/fr/paris/lutece/plugins/extend/modules/comment/web/CommentApp.java
@@ -874,7 +874,16 @@ private XPage doRemoveComment( HttpServletRequest request, String strIdExtendabl
                 HttpServletResponse response = LocalVariables.getResponse(  );
                 try
                 {
-                    response.sendRedirect( strFromUrl );
+                    // Open redirect control (set baseUrl in lutece properties in case of ReverseProxy)
+                    if ( strFromUrl.startsWith( AppPathService.getBaseUrl( request ) ) )
+                    {
+                        response.sendRedirect( strFromUrl );
+                    }
+                    else
+                    {
+                        AppLogService.( "WARNING : Incorrect base URL", new MalformedURLException() );
+                    }
+                    
                 }
                 catch (IOException e)
                 {

Original file line number	Diff line number	Diff line change
`@@ -874,7 +874,16 @@ private XPage doRemoveComment( HttpServletRequest request, String strIdExtendabl`
`874`	`874`	`HttpServletResponse response = LocalVariables.getResponse( );`
`875`	`875`	`try`
`876`	`876`	`{`
`877`		`- response.sendRedirect( strFromUrl );`
	`877`	`+ // Open redirect control (set baseUrl in lutece properties in case of ReverseProxy)`
	`878`	`+ if ( strFromUrl.startsWith( AppPathService.getBaseUrl( request ) ) )`
	`879`	`+ {`
	`880`	`+ response.sendRedirect( strFromUrl );`
	`881`	`+ }`
	`882`	`+ else`
	`883`	`+ {`
	`884`	`+ AppLogService.( "WARNING : Incorrect base URL", new MalformedURLException() );`
	`885`	`+ }`
	`886`	`+`
`878`	`887`	`}`
`879`	`888`	`catch (IOException e)`
`880`	`889`	`{`