Changeset 2935713
- Timestamp:
- 07/07/2023 06:56:37 PM (3 years ago)
- Location:
- http-headers/trunk
- Files:
-
- 5 edited
-
README.txt (modified) (2 diffs)
-
http-headers.php (modified) (4 diffs)
-
views/age.php (modified) (1 diff)
-
views/ajax-inspect.php (modified) (1 diff)
-
views/category.php (modified) (10 diffs)
http-headers/trunk/README.txt
r2924462 r2935713 6 6 Tested up to: 6.2.2 7 7 Requires PHP: 5.3 8 Stable tag: 1.1 8.118 Stable tag: 1.19.0 9 9 License: GPLv2 or later 10 10 License URI: https://www.gnu.org/licenses/gpl-2.0.html … … 87 87 == Changelog == 88 88 89 = 1.19.0 = 90 *Release Date - 7th July, 2023* 91 92 * Fixed: SSRF vulnerability by an Admin user 93 * Fixed: XSS vulnerability by an Admin user 94 89 95 = 1.18.11 = 90 *Release Date - 11th Jun , 2023*96 *Release Date - 11th June, 2023* 91 97 92 98 * Fixed: Remote Code Execution by an Admin user -
http-headers/trunk/http-headers.php
r2924462 r2935713 4 4 Plugin URI: https://github.com/riverside/http-headers 5 5 Description: A plugin for HTTP headers management including security, access-control (CORS), caching, compression, and authentication. 6 Version: 1.1 8.116 Version: 1.19.0 7 7 Author: Dimitar Ivanov 8 8 Author URI: https://github.com/riverside … … 39 39 } 40 40 41 function build_csp_value($value ) {41 function build_csp_value($value, $escape=false) { 42 42 if (!is_array($value)) 43 43 { … … 62 62 $val .= " " . $source; 63 63 } 64 $csp[] = sprintf("%s %s", $key, $ val);64 $csp[] = sprintf("%s %s", $key, $escape ? esc_html($val) : $val); 65 65 } elseif ($source) { 66 $csp[] = sprintf("%s %s", $key, $ source);66 $csp[] = sprintf("%s %s", $key, $escape ? esc_html($source) : $source); 67 67 } 68 68 } else { … … 73 73 if (in_array($key, array('plugin-types', 'report-to')) && !empty($val)) 74 74 { 75 $csp[] = sprintf("%s %s", $key, $ val);75 $csp[] = sprintf("%s %s", $key, $escape ? esc_html($val) : $val); 76 76 } 77 77 } -
http-headers/trunk/views/age.php
r2233507 r2935713 27 27 <?php settings_fields( 'http-headers-age' ); ?> 28 28 <?php do_settings_sections( 'http-headers-age' ); ?> 29 <input type="text" name="hh_age_value" class="http-header-value" size="5" value="<?php echo esc_attr(get_option('hh_age_value')); ?>"<?php echo $age == 1 ? NULL : ' checked'; ?>>29 <input type="text" name="hh_age_value" class="http-header-value" size="5" value="<?php echo (int) esc_attr(get_option('hh_age_value')); ?>"<?php echo $age == 1 ? NULL : ' checked'; ?>> 30 30 <?php _e('seconds', 'http-headers'); ?> 31 31 </td> -
http-headers/trunk/views/ajax-inspect.php
r2852524 r2935713 24 24 } 25 25 26 $response = wp_ remote_head($_POST['url'], $args);26 $response = wp_safe_remote_head($_POST['url'], $args); 27 27 $status = wp_remote_retrieve_response_code($response); 28 28 $dictionary = wp_remote_retrieve_headers($response); -
http-headers/trunk/views/category.php
r2852524 r2935713 32 32 { 33 33 $value = get_option($key .'_value'); 34 if (is_string($value)) 35 { 36 $value = esc_html($value); 37 } 34 38 switch ($key) 35 39 { … … 45 49 case 'hh_x_xxs_protection': 46 50 if ($value == '1; report=') { 47 $value .= get_option('hh_x_xxs_protection_uri');51 $value .= esc_html(get_option('hh_x_xxs_protection_uri')); 48 52 } 49 53 break; … … 57 61 if ($value == 'ALLOW-FROM') 58 62 { 59 $value .= ' ' . get_option('hh_x_frame_options_domain');63 $value .= ' ' . esc_html(get_option('hh_x_frame_options_domain')); 60 64 } 61 65 break; … … 85 89 if ($value == 'origin') 86 90 { 87 $value = get_option('hh_timing_allow_origin_url');91 $value = esc_html(get_option('hh_timing_allow_origin_url')); 88 92 } 89 93 break; … … 91 95 if ($value == 'origin') 92 96 { 93 $value = join('<br>', get_option('hh_access_control_allow_origin_url', array()));97 $value = join('<br>', array_map('esc_html', get_option('hh_access_control_allow_origin_url', array()))); 94 98 } 95 99 break; … … 100 104 break; 101 105 case 'hh_content_security_policy': 102 $value = build_csp_value($value );106 $value = build_csp_value($value, true); 103 107 if (get_option('hh_content_security_policy_report_only')) { 104 108 $item[0] .= '-Report-Only'; … … 133 137 break; 134 138 case 'hh_www_authenticate': 135 $value = get_option('hh_www_authenticate_type');139 $value = esc_html(get_option('hh_www_authenticate_type')); 136 140 break; 137 141 case 'hh_cache_control': … … 181 185 $tmp[] = 'enforce'; 182 186 } 183 $tmp[] = sprintf('report-uri="%s"', get_option('hh_expect_ct_report_uri'));187 $tmp[] = sprintf('report-uri="%s"', esc_html(get_option('hh_expect_ct_report_uri'))); 184 188 $value = join(', ', $tmp); 185 189 break; … … 192 196 { 193 197 $_names[] = '<p class="hh-p"> '.$name.'</p>'; 194 $_values[] = '<p class="hh-p">'. 
$value['value'][$key].'</p>';198 $_values[] = '<p class="hh-p">'.esc_html($value['value'][$key]).'</p>'; 195 199 } 196 200 } … … 199 203 break; 200 204 case 'hh_report_to': 201 $value = get_http_header('report_to');205 $value = esc_html(get_http_header('report_to')); 202 206 break; 203 207 case 'hh_nel': 204 $value = get_http_header('nel');208 $value = esc_html(get_http_header('nel')); 205 209 break; 206 210 case 'hh_feature_policy': 207 $value = get_http_header('feature_policy');211 $value = esc_html(get_http_header('feature_policy')); 208 212 break; 209 213 case 'hh_permissions_policy': 210 $value = get_http_header('permissions_policy');214 $value = esc_html(get_http_header('permissions_policy')); 211 215 break; 212 216 case 'hh_x_robots_tag': 213 $value = get_http_header('x_robots_tag');217 $value = esc_html(get_http_header('x_robots_tag')); 214 218 break; 215 219 case 'hh_clear_site_data':
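Review bot: On new line 197 `$name` is concatenated into `<p class="hh-p">` unescaped while the sibling value on line 198 now gets `esc_html`; if `$name` comes from the same stored option as `$value['value']` (its loop header is above the hunk), change it to `'<p class="hh-p"> '.esc_html($name).'</p>'`. Separately, new lines 34–37 escape a string `$value` before the switch and line 106 then calls `build_csp_value($value, true)`, so a string CSP value may be escaped twice if the non-array branch of `build_csp_value` applies `$escape` as well — worth confirming. The `$value == '...'` comparisons that follow the early escaping rely on the compared literals containing no HTML-special characters, which holds for the ones visible in this section.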