Fix information leakage by validating the URL scheme
Validate the scheme to prevent leaking information by abusing the
file:// scheme.
Before this change it was possible to see what files are available on
the system running tweeper.
The script in tests/test_information_leakage.sh shows the problem on
earlier versions.
Here is an execution with tweeper-0.6:
-----------------------------------------------------------------------
URL file://twitter.com//etc/passwd
--> /etc/passwd
exists
URL file://twitter.com//etc/file_with_an_unlikely_name
... /etc/file_with_an_unlikely_name
does not exist
Staring a test server
URL file://twitter.com//etc/passwd
--> /etc/passwd on http://localhost:8000
exists
URL file://twitter.com//etc/file_with_an_unlikely_name
... /etc/file_with_an_unlikely_name on http://localhost:8000
does not exist
Shutting down the test server
-----------------------------------------------------------------------
Here is an execution after this fix:
-----------------------------------------------------------------------
PHP Fatal error: unsupported scheme: file in /home/ao2/Proj/Tweeper/tweeper/tweeper.php on line 323
URL file://twitter.com//etc/passwd
... /etc/passwd
does not exist
PHP Fatal error: unsupported scheme: file in /home/ao2/Proj/Tweeper/tweeper/tweeper.php on line 323
URL file://twitter.com//etc/file_with_an_unlikely_name
... /etc/file_with_an_unlikely_name
does not exist
Staring a test server
URL file://twitter.com//etc/passwd
... /etc/passwd on http://localhost:8000
does not exist
URL file://twitter.com//etc/file_with_an_unlikely_name
... /etc/file_with_an_unlikely_name on http://localhost:8000
does not exist
Shutting down the test server
-----------------------------------------------------------------------
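As an added illustration of the kind of check this commit describes (example code, not Tweeper's own), a PHP scheme allowlist applied before any fetch; the function name validate_fetch_url and the sample URLs are assumed and constructed for the demonstration. It shows why checking only the host is not enough: the host of file://twitter.com//etc/passwd is still twitter.com.

```php
<?php
// Added example, not Tweeper's code: accept only http/https before fetching a URL.

const ALLOWED_SCHEMES = ['http', 'https'];

/**
 * Return the URL unchanged if it has an allowed scheme and a host,
 * otherwise throw. Rejecting unknown schemes up front stops a URL such as
 * "file://twitter.com//etc/passwd" from reaching a loader that would happily
 * read a local file, which is what leaked file existence in tweeper-0.6.
 */
function validate_fetch_url(string $url): string
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        // Covers malformed input and scheme-relative URLs like "//twitter.com/x".
        throw new InvalidArgumentException("malformed URL: $url");
    }

    // Schemes are case-insensitive, so normalise before comparing.
    $scheme = strtolower($parts['scheme']);
    if (!in_array($scheme, ALLOWED_SCHEMES, true)) {
        throw new InvalidArgumentException("unsupported scheme: $scheme");
    }

    return $url;
}

// Constructed inputs: one legitimate URL and several that must be rejected.
$candidates = [
    'https://twitter.com/ao2',
    'file://twitter.com//etc/passwd',
    'FILE://twitter.com//etc/passwd',
    'ftp://twitter.com/ao2',
    '//twitter.com/ao2',
];

foreach ($candidates as $candidate) {
    try {
        echo 'accepted: ', validate_fetch_url($candidate), "\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $candidate, ' (', $e->getMessage(), ")\n";
    }
}
```

Only the first candidate is accepted; the rejection happens before any filesystem or network access, so the "exists" / "does not exist" difference from the old test output can no longer be observed.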