cocoon-dev mailing list archives

From "Rob Berens" <rber...@osirion.nl>
Subject Re: Possible security problem with flowscript
Date Fri, 15 Oct 2004 14:13:56 GMT
Carsten Ziegeler wrote:

> Rob Berens wrote:
>
> > We identified this problem already and decided to solve it by
> > having a different way of making the continuation request. In
> > our case we use the original request with a request parameter, e.g.
> >
> > Original request:
> > mywebapp/original.html
> >
> > Continuation request:
> > mywebapp/original.html?continuation=123456
> >
> > The sitemap does authorization based on the request without
> > taking into consideration a possible continuation parameter
> > and therefore both the original request and the continuation
> > request are checked in the same way. After the authorization
> > has taken place the continuation is detected by:
> >
> > <map:match pattern="continuation" type="request-parameter">
> >   <map:call continuation="{1}"/>
> > </map:match>
> >
> Hmm, I might be wrong, but does this really protect you?
> If you have a flow that is usable by not authenticated users,
> you run into the same problem I think.
>
I see, you are right. An unauthorized user can get access to the continuation
by adding the continuation parameter to another request he is authorized
for.

Rob
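
The point conceded in this message, as an added JavaScript model that is not part of the original e-mail and is not Cocoon code: authorization runs on the request path, then the continuation is looked up by id alone, so the path check says nothing about the continuation being resumed. Binding each continuation to the path and user that created it closes the gap. `ACL`, `ContinuationStore`, `handle` and the user and role names are hypothetical.

```javascript
// Added illustration: a minimal model of the sitemap flow, not Apache Cocoon code.
const crypto = require("crypto");

// Constructed sitemap-style rule: which roles may request which path.
const ACL = {
  "/mywebapp/original.html": ["admin"],
  "/mywebapp/public.html": ["admin", "guest"],
};

function authorize(user, path) {
  return (ACL[path] || []).includes(user.role);
}

class ContinuationStore {
  constructor() { this.byId = new Map(); }

  // Record who created the continuation and on which path.
  create(user, path, state) {
    const id = crypto.randomBytes(16).toString("hex");
    this.byId.set(id, { owner: user.name, path, state });
    return id;
  }

  // Lookup by id only: the pattern discussed in the thread.
  resumeUnbound(id) {
    const k = this.byId.get(id);
    return k ? k.state : null;
  }

  // Lookup that also requires the creating path and the creating user.
  resumeBound(id, user, path) {
    const k = this.byId.get(id);
    if (!k || k.path !== path || k.owner !== user.name) return null;
    return k.state;
  }
}

// Authorize on the path first, then resolve the continuation parameter.
function handle(store, user, path, continuationId, bound) {
  if (!authorize(user, path)) return { status: 403 };
  if (!continuationId) return { status: 200, body: "start" };
  const state = bound
    ? store.resumeBound(continuationId, user, path)
    : store.resumeUnbound(continuationId);
  return state ? { status: 200, body: state } : { status: 404 };
}
```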

