doudou5421 2011-02-06 21:14
Views: 15
Accepted

Is this PHP redirect insecure?

Hmm, I can't really identify any insecurities, but I was wondering whether you can, and if so, how to possibly patch/mend?

Here's the code:

header("Location: http://example.com/search/{$_POST['term']}/{$_POST['type']}");

The site which I'm redirecting to does the validation & sanitization on their side, but what I'm concerned about is: is this redirect insecure in any way (on my side, seeing as I'm using direct $_POST's)?

Appreciate all help.

PS: Just became curious, as I've always thought using unsanitized user input is dangerous (or at least that applies to XSS and SQLi).


4 answers

  • douzhi2988 2011-02-06 21:22

    Overall, for most websites running a modern version of PHP, it is secure.

    There are two concerns at hand:

    • A malicious user may be able to trick a victim into unwittingly visiting any page of the form /search/*/* on the site by linking them to a malicious page that POSTs to the page with your redirect. (Note that they are not limited to just two slashes after /search, because their POST variables may contain slashes.) This is similar to handing someone a shortened bit.ly URL that redirects them, so it's not too bad.
    • HTTP response splitting. If a malicious user includes newlines (specifically, CRLF / ) within their POST data, they can cause your header() call to output multiple headers, including headers to set cookies, and so on. However, as of PHP 5.1.2 this has been fixed.
    This answer was accepted by the asker.
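As an added illustration of the two concerns in the accepted answer (this is not code from the question or the answer), below is a hardened form of the redirect: it rejects CR/LF before the data reaches header(), restricts "type" to a fixed allowlist, and percent-encodes "term" so embedded slashes cannot extend the /search/*/* path. The target host and the allowed type values are assumptions chosen for the example.

```php
<?php
// Added example, not from the original post. SEARCH_BASE and ALLOWED_TYPES
// are assumed values standing in for the real site's target and categories.
const SEARCH_BASE   = 'http://example.com/search/';
const ALLOWED_TYPES = ['all', 'images', 'video'];

/**
 * Build the redirect URL, or return null when the input is unacceptable.
 * - Rejects CR/LF so a header-injection attempt never reaches header(),
 *   independent of the PHP version's own protection (added in 5.1.2).
 * - Restricts "type" to an allowlist instead of echoing it into the path.
 * - Percent-encodes "term" so '/', '?' and '#' cannot change the path.
 */
function buildSearchRedirect(string $term, string $type): ?string
{
    if (preg_match('/[\r\n]/', $term . $type) === 1) {
        return null; // newline present: treat as a response-splitting attempt
    }
    if (!in_array($type, ALLOWED_TYPES, true)) {
        return null; // unknown category
    }
    if ($term === '' || strlen($term) > 200) {
        return null; // empty or unreasonably long search term
    }
    return SEARCH_BASE . rawurlencode($term) . '/' . $type;
}

$term = (string)($_POST['term'] ?? '');
$type = (string)($_POST['type'] ?? 'all');

$url = buildSearchRedirect($term, $type);
if ($url === null) {
    http_response_code(400);
    exit('Invalid search parameters');
}
// 303 makes the browser follow the redirect with a GET, which is what a
// search page expects after a form POST.
header('Location: ' . $url, true, 303);
exit;
```

With this version a POST of term=foo/bar yields /search/foo%2Fbar/all rather than a third path segment, and any request carrying a raw newline is answered with 400 instead of a redirect.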
