Vulnerability remediation

2021-05-28 15:31:54 -04:00
parent 2a8ee2d90f
commit 9043ccb0e2
18 changed files with 316 additions and 39 deletions
--- a/signout.php
+++ b/signout.php
@@ -19,9 +19,11 @@
    ini_set('session.gc_maxlifetime', 24*60*60);                                // MIN SESSION
    ini_set('session.gc_probability', 1);                                       // GC RATES
    ini_set('session.gc_divisor', 100);                                         // TIMES
+    ini_set("session. cookie_httponly", 1);
    session_save_path('.tmp');                                                  // TEMP
    session_start();                                                            // START
    require_once __DIR__ . '/autoload.php';                                     // AUTOLOAD
+    use App\LobbySIO\Misc\Csrf;                                        // ANTICSRF
    $StaticFunctions = new \App\LobbySIO\Misc\StaticFunctions();                // DEFAULT CLASSES
    $SiteInfo = new \App\LobbySIO\Database\SiteInfo();
    $Users = new \App\LobbySIO\Database\Users();
@@ -47,7 +49,14 @@
    require_once("inc/header.inc.php");
    if ($StaticFunctions->getSessionStatus() == true) {                         // CHECK STATUS
        header('Location: index.php');                                          // ELSE HOME
-    } else { ?>
+    } else {
+      header("X-Frame-Options: SAMEORIGIN");
+      header("Content-Security-Policy: frame-ancestors 'none'", false);
+      if (!empty($_GET['a'])) {
+        echo '<pre>' . print_r($_POST, true) . '</pre>';
+        echo 'Verification has been : ' . (Csrf::verifyToken('home') ? 'successful' : 'unsuccessful');
+      }
+    ?>



@@ -90,6 +99,7 @@
      </div>
    </div>
    <form class="form-signout" method="post" onsubmit="return confirm('<?php echo $transLang['END_VISIT_WARNING']; ?>')">
+      <?php echo Csrf::getInputToken('home') ?>
      <ul class="pagination pagination-sm"><li class="page-item disabled"><a class="page-link" href="#" tabindex="-1"><?php echo $transLang['PAGE']; ?></a></li>
 <?php for ($i = 1; $i <= $page_count; $i++): ?>
        <li class="page-item<?php if ($i === $page_num): echo ' active'; else: echo ' '; endif; ?>"><a class="page-link" href="<?php echo $_SERVER['PHP_SELF'] . '?pnum=' . $i; ?>"><?php echo $i; ?></a></li>