github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 10:37:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1164 from Arinerron: Patch insecure CSRF token

Browse source 
Patch insecure CSRF token crypto vulnerability
This commit is contained in:
dpeca 2017-04-18 10:47:42 +02:00 committed by GitHub
commit 0cbb3613df
2 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
web/inc/main.php
View file

@ -59,10 +59,10 @@ if ((!isset($_SESSION['user'])) && (!defined('NO_AUTH_REQUIRED'))) {
exit;
}
// Generate CSRF token
if (isset($_SESSION['user'])) {
if(!isset($_SESSION['token'])){
$token = uniqid(mt_rand(), true);
$_SESSION['token'] = $token;
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(16));
}
}

2
web/login/index.php
View file

@ -126,7 +126,7 @@ if (empty($_SESSION['language'])) {
}
// Generate CSRF token
$_SESSION['token'] = md5(uniqid(mt_rand(), true));
$_SESSION['token'] = bin2hex(openssl_random_pseudo_bytes(16)); // generate 32-character cryptographically secure token
require_once($_SERVER['DOCUMENT_ROOT'].'/inc/i18n/'.$_SESSION['language'].'.php');
require_once('../templates/header.html');