From 1e8523aae655539f6c4c0d1ff4ca5c5c01ce3e4c Mon Sep 17 00:00:00 2001 From: Alexander Fuhr Date: Wed, 26 Nov 2014 14:24:19 +0100 Subject: [PATCH 1/6] Add Cookie helper class for cookie support detection refs #7383 --- library/Icinga/Web/Cookie.php | 79 +++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 library/Icinga/Web/Cookie.php diff --git a/library/Icinga/Web/Cookie.php b/library/Icinga/Web/Cookie.php new file mode 100644 index 000000000..888425151 --- /dev/null +++ b/library/Icinga/Web/Cookie.php @@ -0,0 +1,79 @@ + Date: Wed, 26 Nov 2014 14:25:05 +0100 Subject: [PATCH 2/6] Add cookie support detection refs #7383 --- library/Icinga/Application/Web.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/library/Icinga/Application/Web.php b/library/Icinga/Application/Web.php index 37ec5138a..8c103e01c 100644 --- a/library/Icinga/Application/Web.php +++ b/library/Icinga/Application/Web.php @@ -12,6 +12,7 @@ use Icinga\Exception\ConfigurationError; use Icinga\Exception\NotReadableError; use Icinga\Application\Logger; use Icinga\Util\TimezoneDetect; +use Icinga\Web\Cookie; use Icinga\Web\Request; use Icinga\Web\Response; use Icinga\Web\View; @@ -91,6 +92,7 @@ class Web extends ApplicationBootstrap { return $this ->setupZendAutoloader() + ->detectCookieSupport() ->setupLogging() ->setupErrorHandling() ->loadConfig() @@ -337,5 +339,20 @@ class Web extends ApplicationBootstrap ); return $this; } + + /** + * Check cookie support + * + * @return $this + */ + protected function detectCookieSupport() + { + if (! Cookie::isSupported()) { + echo 'Cookies must be enabled to run this application.'; + exit(1); + } + + return $this; + } } // @codeCoverageIgnoreEnd From ad8f16c185aa00198149d3086256464fc4db98bd Mon Sep 17 00:00:00 2001 
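Review bot: `detectCookieSupport()` answers a cookieless client with a bare `echo` followed by `exit(1)`, so the message is sent with the default 200 status. Because the call sits second in the bootstrap chain, this happens before `setupLogging()` and `setupErrorHandling()` have run. It also applies to every request, so any non-browser client that does not keep cookies is stopped here too, not only an interactive login. I would send an explicit status before the output, e.g. `header('HTTP/1.1 403 Forbidden');`, and limit the check to the paths that actually need a session. The exit code has no meaning under a web SAPI, so a plain `exit;` is enough.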
From: Alexander Fuhr Date: Tue, 11 Aug 2015 16:37:05 +0200 Subject: [PATCH 3/6] Cookie: Set the rigth license line header refs #7383 --- library/Icinga/Web/Cookie.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/Icinga/Web/Cookie.php b/library/Icinga/Web/Cookie.php index 888425151..9b10c7f8c 100644 --- a/library/Icinga/Web/Cookie.php +++ b/library/Icinga/Web/Cookie.php @@ -1,6 +1,5 @@ Date: Thu, 13 Aug 2015 11:19:08 +0200 Subject: [PATCH 4/6] Request: Add getResponse() to retrieve the Response refs #7383 --- library/Icinga/Web/Request.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/library/Icinga/Web/Request.php b/library/Icinga/Web/Request.php index 6fb078c96..b4d7e92d4 100644 --- a/library/Icinga/Web/Request.php +++ b/library/Icinga/Web/Request.php @@ -3,6 +3,7 @@ namespace Icinga\Web; +use Icinga\Application\Icinga; use Zend_Controller_Request_Http; use Icinga\User; @@ -32,6 +33,13 @@ class Request extends Zend_Controller_Request_Http */ protected $url; + /** + * Response + * + * @var Response + */ + protected $response; + /** * Get whether the request seems to be an API request * @@ -78,6 +86,20 @@ class Request extends Zend_Controller_Request_Http return $this; } + /** + * Get the response + * + * @return Response + */ + public function getResponse() + { + if ($this->response === null) { + $this->response = Icinga::app()->getResponse(); + } + + return $this->response; + } + /** * Makes an ID unique to this request, to prevent id collisions in different containers * @@ -96,4 +118,10 @@ class Request extends Zend_Controller_Request_Http } return $id . '-' . $this->uniqueId; } + + public function hasCookieSupport() + { + $cookie = new Cookie($this); + return $cookie->isSupported(); + } } From 813154f6ef336ffa858138ad94f98c32ee6106d3 Mon Sep 17 00:00:00 2001 
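Review bot: `hasCookieSupport()` is the only method added to `Request` here without a docblock, and its name reads like a side-effect-free query. Judging by `provideCheck()` and `cleanupCheck()` in patch 5/6, `Cookie::isSupported()` can set the probe cookie, send a redirect and end the request, so a caller may never get a return value. I would add a docblock that says this, with a one-line summary such as `Detect whether the client accepts cookies (may redirect and exit while probing)` and `@return bool`. A name that signals the side effect, for example `detectCookieSupport()`, would match the bootstrap method from patch 2/6.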
From: Alexander Fuhr Date: Thu, 13 Aug 2015 11:19:48 +0200 Subject: [PATCH 5/6] Cookie: Make it no static and use the request refs #7383 --- library/Icinga/Web/Cookie.php | 61 ++++++++++++++++++----------------- 1 file changed, 31 insertions(+), 30 deletions(-) diff --git a/library/Icinga/Web/Cookie.php b/library/Icinga/Web/Cookie.php index 9b10c7f8c..7010bb999 100644 --- a/library/Icinga/Web/Cookie.php +++ b/library/Icinga/Web/Cookie.php @@ -5,8 +5,6 @@ namespace Icinga\Web; /** * Helper Class Cookie - * - * @package Icinga\Web */ class Cookie { 
@@ -15,64 +13,67 @@ class Cookie */ const CHECK_COOKIE = '_chc'; + /** + * The request + * + * @var Request + */ + protected $request; + + /** + * Create a new cookie + * + * @param Request $request + */ + public function __construct(Request $request) + { + $this->request = $request; + } + /** * Check whether cookies are supported or not * * @return bool */ - public static function isSupported() + public function isSupported() { if (! empty($_COOKIE)) { - self::cleanupCheck(); + $this->cleanupCheck(); return true; } - if (isset($_REQUEST['_checkCookie']) && empty($_COOKIE)) { + $url = $this->request->getUrl(); + + if ($url->hasParam('_checkCookie') && empty($_COOKIE)) { return false; } - if (! isset($_REQUEST['_checkCookie'])) { - self::provideCheck(); + if (! $url->hasParam('_checkCookie')) { + $this->provideCheck(); } return false; } - /** - * Redirect to a given uri - * - * @param string $uri - */ - public static function redirect($uri) - { - header('location: ' . $uri); - exit(0); - } - /** * Prepare check to detect cookie support */ - public static function provideCheck() + public function provideCheck() { setcookie(self::CHECK_COOKIE, '1'); - if (parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY)) { - $requestUri = $_SERVER['REQUEST_URI'] . '&_checkCookie=1'; - } else { - $requestUri = $_SERVER['REQUEST_URI'] . 
'?_checkCookie=1'; - } - - self::redirect($requestUri); + $requestUri = $this->request->getUrl()->addParams(array('_checkCookie' => 1)); + $this->request->getResponse()->redirectAndExit($requestUri); } /** * Cleanup the cookie support check */ - public static function cleanupCheck() + public function cleanupCheck() { - if (isset($_REQUEST['_checkCookie']) && isset($_COOKIE[self::CHECK_COOKIE])) { - $requestUri = preg_replace('/([&|\?]_checkCookie=1)/', '', $_SERVER['REQUEST_URI']); - self::redirect($requestUri); + if ($this->request->getUrl()->hasParam('_checkCookie') && isset($_COOKIE[self::CHECK_COOKIE])) { + $requestUri =$this->request->getUrl()->without('_checkCookie'); + $this->request->getResponse()->redirectAndExit($requestUri); } } } From d468c59e32af20c00ef55b2e7fc52f06b9abd2a8 Mon Sep 17 00:00:00 2001 From: Alexander Fuhr Date: Thu, 13 Aug 2015 11:21:05 +0200 Subject: [PATCH 6/6] AuthenticationController: Add cookie detection to login action refs #7383 --- application/controllers/AuthenticationController.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/application/controllers/AuthenticationController.php b/application/controllers/AuthenticationController.php index 9431b7fbc..f19b53fc5 100644 --- a/application/controllers/AuthenticationController.php +++ b/application/controllers/AuthenticationController.php @@ -8,6 +8,7 @@ use Icinga\Application\Icinga; use Icinga\Application\Logger; use Icinga\Forms\Authentication\LoginForm; use Icinga\Web\Controller; +use Icinga\Web\Cookie; use Icinga\Web\Url; /** @@ -36,6 +37,11 @@ class AuthenticationController extends Controller $this->redirectNow($form->getRedirectUrl()); } if (! $requiresSetup) { + if (! $this->getRequest()->hasCookieSupport()) { + echo $this->translate("Cookies must be enabled to run this application.\n"); + $this->getResponse()->setHttpResponseCode(403)->sendHeaders(); + exit(); + } $form->handleRequest(); } $this->view->form = $form;
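Review bot: Turning `isSupported()` into an instance method that reads `$this->request` leaves the static call `Cookie::isSupported()` in `Web::detectCookieSupport()` (patch 2/6) without a working target. No later patch in this series touches `Web.php`, so unless that call is removed elsewhere the bootstrap would fail when it reaches it. Drop `->detectCookieSupport()` from the bootstrap chain in this commit, or route it through the request object. Separately, `cleanupCheck()` only strips `_checkCookie` from the URL, so the `_chc` probe cookie set by `setcookie(self::CHECK_COOKIE, '1')` is never expired; consider clearing it there. Style nit: `$requestUri =$this->request->getUrl()` is missing the space after `=`.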
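Review bot: In the login action the `echo` runs before `setHttpResponseCode(403)->sendHeaders()`, so whether the 403 reaches the client depends on output buffering. With buffering off, the body has already started and the status can no longer be changed. Swap the two statements so that `$this->getResponse()->setHttpResponseCode(403)->sendHeaders();` comes first and the `echo $this->translate(...)` second. The trailing `\n` is inside the translated string, which makes it part of the message id; append it outside `translate()` instead. The `use Icinga\Web\Cookie;` added in this patch's first hunk is not referenced by the visible change, and the action's body continues outside the hunk.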