fix xss in captcha-skip-param field

This commit is contained in:
jrivard@gmail.com 2019-04-16 00:55:27 -06:00
parent b202f31adc
commit 335aac1a6e
7 changed files with 8 additions and 5 deletions


@ -66,6 +66,7 @@ public class LocalSessionStateBean implements Serializable
private boolean passwordModified;
private boolean privateUrlAccessed;
private boolean captchaBypassedViaParameter;
private final AtomicInteger intruderAttempts = new AtomicInteger( 0 );
private final AtomicInteger requestCount = new AtomicInteger( 0 );
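Review bot: The new `captchaBypassedViaParameter` field carries no Javadoc, and unlike the neighbouring `AtomicInteger` counters it is a plain non-volatile boolean; whether this session bean is reached from more than one request thread is not visible here, so if the existing boolean fields next to it share that caveat the addition is at least consistent. A one-line comment on the field would make its lifetime clear: `/** Set once a request presented the configured skip-captcha value; later requests in this session skip the captcha check without re-reading the parameter. */`. The enclosing class continues outside the hunk.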


@ -331,6 +331,12 @@ public class CaptchaUtility
private static boolean checkIfCaptchaParamPresent( final PwmRequest pwmRequest )
throws PwmUnrecoverableException
{
if ( pwmRequest.getPwmSession().getSessionStateBean().isCaptchaBypassedViaParameter() )
{
LOGGER.trace( pwmRequest, () -> "valid skipCaptcha value previously received in session, skipping captcha check" );
return true;
}
final String skipCaptcha = pwmRequest.readParameterAsString( PwmConstants.PARAM_SKIP_CAPTCHA );
if ( skipCaptcha != null && skipCaptcha.length() > 0 )
{
@ -338,6 +344,7 @@ public class CaptchaUtility
if ( configValue != null && configValue.equals( skipCaptcha ) )
{
LOGGER.trace( pwmRequest, () -> "valid skipCaptcha value in request, skipping captcha check for this session" );
pwmRequest.getPwmSession().getSessionStateBean().setCaptchaBypassedViaParameter( true );
return true;
}
else
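Review bot: The early return added at the top of `checkIfCaptchaParamPresent` makes the bypass sticky for the whole session, and nothing in either hunk ever clears the flag, so a later change to the configured skip value will not re-enable the captcha for a session that was granted the bypass once; if that is intended, say so above the new `if`, e.g. `// once a valid skipCaptcha value has been accepted the bypass is remembered in session state and the parameter is not re-checked`. The method name now understates what it does, since it returns true without any parameter being present in the current request. On the pre-existing context line `configValue.equals( skipCaptcha )` the configured value acts as a shared secret compared against caller input, so a constant-time compare such as `MessageDigest.isEqual( configValue.getBytes( StandardCharsets.UTF_8 ), skipCaptcha.getBytes( StandardCharsets.UTF_8 ) )` would be more robust. The method body continues past the end of the second hunk.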


@ -50,7 +50,6 @@
<input type="hidden" name="processAction" value="activate"/>
<%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
<input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
<input type="hidden" name="skipCaptcha" value="${param.skipCaptcha}"/>
</div>
</form>
</div>


@ -58,7 +58,6 @@
</button>
</pwm:if>
<input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
<input type="hidden" name="skipCaptcha" value="${param.skipCaptcha}"/>
</div>
</form>
</div>


@ -51,7 +51,6 @@
</button>
<%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
<input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
<input type="hidden" name="skipCaptcha" value="${param.skipCaptcha}"/>
</div>
</form>
</div>


@ -71,7 +71,6 @@
<%@ include file="/WEB-INF/jsp/fragment/cancel-button.jsp" %>
</pwm:if>
<input type="hidden" id="pwmFormID" name="pwmFormID" value="<pwm:FormID/>"/>
<input type="hidden" name="skipCaptcha" value="${param.skipCaptcha}"/>
</div>
</div>
</form>


@ -54,7 +54,6 @@
<pwm:display key="Button_Continue"/>
</button>
<input type="hidden" name="pwmFormID" value="<pwm:FormID/>"/>
<input type="hidden" name="skipCaptcha" value="${param.skipCaptcha}"/>
<% if ((Boolean)JspUtility.getAttribute(pageContext, PwmRequestAttribute.NewUser_FormShowBackButton)) { %>
<button type="button" id="button-goBack" name="button-goBack" class="btn" >