You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@wicket.apache.org by iv...@apache.org on 2010/10/14 20:50:42 UTC

svn commit: r1022648 - /wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java

Author: ivaynberg
Date: Thu Oct 14 18:50:42 2010
New Revision: 1022648

URL: http://svn.apache.org/viewvc?rev=1022648&view=rev
Log:

Issue: WICKET-3106

Modified:
    wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java

Modified: wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java
URL: http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java?rev=1022648&r1=1022647&r2=1022648&view=diff
==============================================================================
--- wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java (original)
+++ wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/markup/html/pages/BrowserInfoPage.java Thu Oct 14 18:50:42 2010
@@ -74,10 +74,6 @@ public class BrowserInfoPage extends Web
 	public BrowserInfoPage(PageParameters parameters)
 	{
 		String to = Strings.toString(parameters.get("cto"));
-		if (to == null)
-		{
-			throw new IllegalArgumentException("parameter cto must be provided!");
-		}
 		setContinueTo(to);
 		initComps();
 		WebRequestCycle requestCycle = (WebRequestCycle)getRequestCycle();
@@ -110,10 +106,6 @@ public class BrowserInfoPage extends Web
 	 */
 	public BrowserInfoPage(final String continueTo)
 	{
-		if (continueTo == null)
-		{
-			throw new IllegalArgumentException("Argument continueTo must be not null");
-		}
 		setContinueTo(continueTo);
 		initComps();
 	}
@@ -188,6 +180,32 @@ public class BrowserInfoPage extends Web
 	 */
 	protected final void setContinueTo(String continueTo)
 	{
+		if (continueTo == null)
+		{
+			throw new IllegalArgumentException("Argument continueTo must not be null");
+		}
+		else if (continueTo.contains("://"))
+		{
+			// prevent attackers from redirecting to any url by appending &cto=http://<someurl> to
+			// the query string, eg
+			// http://wicketstuff.org/wicket14/compref/?wicket:bookmarkablePage=:org.apache.wicket.markup.html.pages.BrowserInfoPage&cto=http://www.google.de
+			// WICKET-3106
+			throw new IllegalArgumentException("continuTo url : " + continueTo +
+				" must be relative to the current server.")
+			{
+				/**
+				 * No stack trace. We won't tell the hackers about the internals of wicket in case
+				 * stack traces are enabled
+				 * 
+				 * @see java.lang.Throwable#getStackTrace()
+				 */
+				@Override
+				public StackTraceElement[] getStackTrace()
+				{
+					return new StackTraceElement[0];
+				}
+			};
+		}
 		this.continueTo = continueTo;
 	}
 }