summaryrefslogtreecommitdiffstats
path: root/system/core/Security.php
diff options
context:
space:
mode:
Diffstat (limited to 'system/core/Security.php')
-rw-r--r--system/core/Security.php16
1 files changed, 9 insertions, 7 deletions
diff --git a/system/core/Security.php b/system/core/Security.php
index 0c187e72f..1c398632d 100644
--- a/system/core/Security.php
+++ b/system/core/Security.php
@@ -225,12 +225,9 @@ class CI_Security {
}
}
- // Do the tokens exist in both the _POST and _COOKIE arrays?
- if ( ! isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
- OR $_POST[$this->_csrf_token_name] !== $_COOKIE[$this->_csrf_cookie_name]) // Do the tokens match?
- {
- $this->csrf_show_error();
- }
+ // Check CSRF token validity, but don't error on mismatch just yet - we'll want to regenerate
+ $valid = isset($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name])
+ && hash_equals($_POST[$this->_csrf_token_name], $_COOKIE[$this->_csrf_cookie_name]);
// We kill this since we're done and we don't want to pollute the _POST array
unset($_POST[$this->_csrf_token_name]);
@@ -246,6 +243,11 @@ class CI_Security {
$this->_csrf_set_hash();
$this->csrf_set_cookie();
+ if ($valid !== TRUE)
+ {
+ $this->csrf_show_error();
+ }
+
log_message('info', 'CSRF token verified');
return $this;
}
@@ -500,7 +502,7 @@ class CI_Security {
* Becomes: <blink>
*/
$pattern = '#'
- .'<((?<slash>/*\s*)(?<tagName>[a-z0-9]+)(?=[^a-z0-9]|$)' // tag start and name, followed by a non-tag character
+ .'<((?<slash>/*\s*)((?<tagName>[a-z0-9]+)(?=[^a-z0-9]|$)|.+)' // tag start and name, followed by a non-tag character
.'[^\s\042\047a-z0-9>/=]*' // a valid attribute character immediately after the tag would count as a separator
// optional attributes
.'(?<attributes>(?:[\s\042\047/=]*' // non-attribute characters, excluding > (tag close) for obvious reasons