* [Security] Reject %0D/%0A in exit tracking and other places

(Issue #434)
2017-01-03 09:21:25 +01:00 · 2017-01-03 09:21:25 +01:00 · a48708021c
commit a48708021c
parent edfc8bcff1
2 changed files with 4 additions and 1 deletions
--- a/docs/NEWS
+++ b/docs/NEWS
@ -14,6 +14,9 @@ Version 2.1 ()
      
    * [Security] For multi-deletion of entries, secure the HTTP referrer
      output to prevent XSS (Issue #435)
+      
+    * [Security] Reject %0D/%0A in exit tracking and other places
+      (Issue #434)

    * Disabled Selenium test files unless enabled

--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@ -1023,7 +1023,7 @@ function serendipity_discover_rss($name, $ext) {
 * @return  boolean     Return true on success, false on failure
 */
 function serendipity_isResponseClean($d) {
-    return (strpos($d, "\r") === false && strpos($d, "\n") === false);
+    return (strpos($d, "\r") === false && strpos($d, "\n") === false && stripos($d, "%0A") === false && stripos($d, "%0D") === false);
 }

 /**