makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-07 20:08:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/security/275] Gracefully handle exceptions thrown by wrong cron route

Browse source 
SECURITY-275
This commit is contained in:
Marc Alexander 2023-01-10 21:09:48 +01:00
parent 378c63b002
commit fd550bc25a
No known key found for this signature in database
GPG key ID: 50E0D2423696F995
1 changed files with 19 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
phpBB/cron.php
View file

@ -12,6 +12,8 @@
*/ */
use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Exception\ExceptionInterface;
/** /**
*/ */
@ -30,8 +32,20 @@ $get_params_array = $request->get_super_global(\phpbb\request\request_interface:
/** @var \phpbb\controller\helper $controller_helper */ /** @var \phpbb\controller\helper $controller_helper */
$controller_helper = $phpbb_container->get('controller.helper'); $controller_helper = $phpbb_container->get('controller.helper');
$response = new RedirectResponse( try
$controller_helper->route('phpbb_cron_run', $get_params_array, false), {
301 $response = new RedirectResponse(
); $controller_helper->route('phpbb_cron_run', $get_params_array, false),
$response->send(); Response::HTTP_MOVED_PERMANENTLY
);
$response->send();
}
catch(ExceptionInterface $exception)
{
$language = $phpbb_container->get('language');
$response = new Response(
$language->lang('PAGE_NOT_FOUND'),
Response::HTTP_BAD_REQUEST
);
$response->send();
}