ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5144/php/how-to-fix-it/core.adoc
daniel-teuchert-sonarsource 041d90ff38
Modify Rule S5144: Add information on blacklisting (#4454) 
* Modify Rule S5144: Add information on blacklisting
2024-10-30 14:57:46 +00:00

40 lines
909 B
Plaintext
Raw Permalink Blame History

== How to fix it in Core PHP
=== Code examples
The following code is vulnerable to SSRF as it opens a URL defined by untrusted data.
==== Noncompliant code example
[source,php,diff-id=1,diff-type=noncompliant]
----
$host = $_GET['host'];
$url = "https://$host/.well-known/openid-configuration";
$ch = curl_init($url); // Noncompliant
curl_exec($ch);
----
==== Compliant solution
[source,php,diff-id=1,diff-type=compliant]
----
$allowedHosts = ["trusted1" => "trusted1.example.com", "trusted2" => "trusted2.example.com"];
$host = $allowedHosts[$_GET['host']];
$url = "https://$host/.well-known/openid-configuration";
$ch = curl_init($url);
curl_exec($ch);
----
=== How does this work?
include::../../common/fix/pre-approved-list.adoc[]
include::../../common/fix/blacklist.adoc[]
=== Pitfalls
include::../../common/pitfalls/starts-with.adoc[]
include::../../common/pitfalls/blacklist-toctou.adoc[]
Reference in New Issue View Git Blame Copy Permalink