path: root/system/core/Security.php
authorAndrey Andreev <narf@devilix.net>2017-01-10 12:16:14 +0100
committerAndrey Andreev <narf@devilix.net>2017-01-10 12:16:14 +0100
commit27647c9a8b5cd5a0e1fd78123316f359fe61a672 (patch)
treee9e27e579a380ebcc449265460a47bf97013b1a4 /system/core/Security.php
parent79fad9b16fca72f6c15913dd5296400f19136576 (diff)
parent8f9ab65270ae033c5637f8a7d26ae834e9a71d5e (diff)
Merge branch '3.1-stable' into develop
Conflicts resolved: system/core/CodeIgniter.php system/database/drivers/sqlite/sqlite_driver.php system/database/drivers/sqlite/sqlite_forge.php system/database/drivers/sqlite/sqlite_result.php system/database/drivers/sqlite/sqlite_utility.php system/helpers/email_helper.php system/helpers/smiley_helper.php system/libraries/Cart.php system/libraries/Email.php system/libraries/Image_lib.php system/libraries/Javascript.php system/libraries/Javascript/Jquery.php system/libraries/Session/SessionHandlerInterface.php user_guide_src/source/changelog.rst user_guide_src/source/installation/downloads.rst user_guide_src/source/installation/upgrading.rst
Diffstat (limited to 'system/core/Security.php')
-rw-r--r--system/core/Security.php16
1 files changed, 9 insertions, 7 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 0c187e72f..1c398632d 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -225,12 +225,9 @@ class CI_Security {
}
}
- // Do the tokens exist in both the _POST and _COOKIE arrays?
- if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
- OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match?
- {
- $this->csrf_show_error();
- }
+ // Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate
+ $valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
+ && hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]);
// We kill this since we're done and we don't want to pollute the _POST array
unset($_POST[$this->_csrf_token_name]);
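Review bot: The new `hash_equals()` call at the `$valid` assignment assumes both operands are strings, which `isset()` does not guarantee: a request that sends the token as an array (`name[]=x`) or a cookie that is not a plain string makes `hash_equals()` emit a warning and return false on PHP 5.6/7 and throw a `TypeError` on PHP 8, where the removed `!==` comparison simply treated it as a mismatch. Guarding the types keeps the mismatch path uniform: `$valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])` / `&& is_string($_POST[$this->_csrf_token_name]) && is_string($_COOKIE[$this->_csrf_cookie_name])` / `&& hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]);`. `hash_equals()` is a PHP 5.6 function, so if the project still targets older runtimes its compat polyfill presumably has to be loaded before this method runs. The enclosing method starts before this hunk and its tail is in the following hunk.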
@@ -246,6 +243,11 @@ class CI_Security {
$this->_csrf_set_hash();
$this->csrf_set_cookie();
+ if ($valid !== TRUE)
+ {
+ $this->csrf_show_error();
+ }
+
log_message('info', 'CSRF token verified');
return $this;
}
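Review bot: The deferred error check at `if ($valid !== TRUE)` is only explained by the comment in the earlier hunk ("we'll want to regenerate"), so a reader of this hunk alone cannot tell why the failure is reported after `_csrf_set_hash()` and `csrf_set_cookie()` rather than before. A one-line comment above the check would make the ordering deliberate, for example `// Token/cookie already regenerated above, so the rejected request still leaves with a fresh CSRF cookie` (hedged, since what `csrf_show_error()` does with the response is outside this hunk). Also, `$valid` is always a bool here, so `if ( ! $valid)` says the same thing in the file's usual form.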
@@ -500,7 +502,7 @@ class CI_Security {
* Becomes: &lt;blink&gt;
*/
$pattern = '#'
- .'<((?<slash>/*\s*)(?<tagName>[a-z0-9]+)(?=[^a-z0-9]|$)' // tag start and name, followed by a non-tag character
+ .'<((?<slash>/*\s*)((?<tagName>[a-z0-9]+)(?=[^a-z0-9]|$)|.+)' // tag start and name, followed by a non-tag character
.'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator
// optional attributes
.'(?<attributes>(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons
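Review bot: The trailing comment on the changed line still reads "tag start and name, followed by a non-tag character", but the new `|.+` alternative makes the group match any `<` that is not followed by a parseable tag name, leaving `tagName` unset for those matches, so the comment no longer describes the branch that was added. Something like `// tag start and name, followed by a non-tag character; or, failing that, anything after '<' so the callback still sees it` would document the intent. Because `.+` is greedy (and spans newlines if the pattern carries the `s` modifier, which is outside this hunk), a single match can swallow the remainder of the input, so the callback's handling of a match with no `tagName` and its interaction with the surrounding replace loop are worth stating next to the pattern; both are outside this hunk, so I cannot confirm them here.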