#1 olivierpons (Sencha User, Aix en Provence, France)

    [ext 4.0.2a] Security flaw in the php sample


    Hi,

    I'm sorry I didn't know where to post this kind of problem, so I went to the "bug" Section.

    In this file:

    Code:
    ./examples/writer/remote/lib/application_controller.php
    In the dispatch() function code, you can read:

    Code:
    if ($request->action) {
        return $this->{$request->action}();
    }
    This means that if someone tries to access functions he/she shouldn't access, he/she can send a request which will access those functions.
    This may lead to a security flaw (imagine if someone creates a child class of ApplicationController that has a function like "authenticate()"): someone from the outside could send a request which will access this function (create a POST with an "action" variable that has the value "authenticate") and, for example, try a brute-force attack.

    This code implies that all the descendants have to sanitize the input ($request) before calling the dispatch() function.

    Maybe a big warning in the comments is missing?

    Tell me if I'm wrong, and if so, I apologize.

#2 evant (Sencha - Ext JS Dev Team, Sydney, Australia)

      0  

    Default


    The server-side code is just used to drive the examples; obviously your application code should use something more secure.
    Evan Trimboli
    Sencha Developer
    Twitter - @evantrimboli
    Don't be afraid of the source code!

#3 olivierpons (Sencha User, Aix en Provence, France)

      0  

    Default


    You're right. This is just an example, because this is much worse:

    Code:
    ./examples/writer/app.php
    Code:
    require('remote/app/controllers/' . $request->controller . '.php');


    Thank you for your answer,

    Olivier.
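An added example, not code from the Sencha sample or from either poster, showing the allow-list dispatch that both posts call for: the action name (post #1) and the controller name (post #3) are only accepted if they match names the application explicitly exposes. UsersController, its methods and the request object shape are assumed.

```php
<?php
// Added example, not the Sencha sample's code: dispatch only allow-listed
// actions and controllers. UsersController and the request shape are assumed.
abstract class ApplicationController
{
    // Each descendant declares which of its methods a request may invoke.
    protected $allowedActions = [];

    public function dispatch(object $request)
    {
        $action = (string) ($request->action ?? '');
        // Unsafe original: return $this->{$request->action}();
        if (!in_array($action, $this->allowedActions, true)) {
            throw new InvalidArgumentException("Action not permitted: $action");
        }
        return $this->$action();
    }
}

class UsersController extends ApplicationController
{
    protected $allowedActions = ['view'];

    public function view() { return 'users listed'; }

    // Internal helper: never reachable through dispatch().
    public function authenticate() { return 'authenticated'; }
}

// Map the request value onto known classes instead of building a file path
// from it (unsafe original: require('.../' . $request->controller . '.php')).
function loadController(object $request): ApplicationController
{
    $controllers = ['users' => 'UsersController'];
    $name = (string) ($request->controller ?? '');
    if (!isset($controllers[$name])) {
        throw new InvalidArgumentException("Unknown controller: $name");
    }
    $class = $controllers[$name];
    return new $class();
}

// Constructed requests: one permitted, two that must be refused.
foreach ([['users', 'view'], ['users', 'authenticate'], ['other', 'view']] as [$c, $a]) {
    $request = (object) ['controller' => $c, 'action' => $a];
    try {
        echo loadController($request)->dispatch($request), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'refused: ', $e->getMessage(), "\n";
    }
}
```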
