thu*_*son 4 brakeman ruby-on-rails-4
我有一个Rails 4应用程序,当我运行Brakeman时,它(正确地)在我的创建操作中标识了一个不受保护的重定向.但是,添加only_path:true(如在Brakeman Railscast中)并不能解决警告:
def create
refer_url = params[:referrer]
@portfolio = current_user.portfolios.build(portfolio_params)
if @portfolio.save
redirect_to refer_url, notice: "Portfolio was successfully created.", only_path: true
else
render :new
end
end
结果是:
+SECURITY WARNINGS+
+------------+-----------------------+---------+--------------+----------------------------------------------------------------------------------------------------------------------->>
| Confidence | Class | Method | Warning Type | Message >>
+------------+-----------------------+---------+--------------+----------------------------------------------------------------------------------------------------------------------->>
| High | PortfoliosController | create | Redirect | Possible unprotected redirect near line 14: redirect_to(+params[:referrer]+, :notice => "Portfolio was successfully cr>>
+------------+-----------------------+---------+--------------+----------------------------------------------------------------------------------------------------------------------->>
为什么会这样?Brakeman还在识别什么风险?
不幸的是,RailsCast是不正确的.:only_path => true必须是第一个参数的一部分.
被params[:referrer]认为是在应用程序的路径?
如果是这样,这将是我的建议:
begin
refer_url = URI.parse(params[:referrer]).path
rescue URI::InvalidURIError
refer_url = "some_default"
end
或者您可以检查它params[:referrer]始终是路径,以其他方式验证它,或者即使在您的应用程序中也不允许任意重定向.遗憾的是,Rails并没有为安全重定向提供简单的选择.
| 归档时间: |
|
| 查看次数: |
1562 次 |
| 最近记录: |