Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support 4.4.1 to 4.4.8 base_url php spark closes..
4.4.1 to 4.4.8 base_url php spark closes..
  • Offline kenjis
    Administrator
  • *******
  • Posts: 3,671
    Threads: 96
    Joined: Oct 2014
    Reputation: 231
#6
05-09-2024, 04:02 PM

An attacker can send any host name.
So the value of $_SERVER['HTTP_HOST'] can be anything.
So you should check the value is your server's host name.

But if your web sever is configured as it does not execute CI4 when undefined host name comes,
your site is not vulnerable.

PHP Code:
<?php

namespace App\Controllers;

class Home extends BaseController
{
    public function index(): string
    {
        return $_SERVER['HTTP_HOST'];
    }


Request:
Code:
$ telnet 127.0.0.1 8080
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
GET / HTTP/1.1
Host: developer.mozilla.org
Accept-Language: fr

Response:
Code:
HTTP/1.1 200 OK
Host: developer.mozilla.org
Date: Thu, 09 May 2024 22:55:40 GMT
Connection: close
X-Powered-By: PHP/8.2.18
Cache-Control: no-store, max-age=0, no-cache
Content-Type: text/html; charset=UTF-8

developer.mozilla.org
ci-phpunit-test | CodeIgniter Testing Guide | CodeIgniter 3 to 4 Upgrade Helper
Reply


Messages In This Thread
RE: 4.4.1 to 4.4.8 base_url php spark closes.. - by kenjis - 05-09-2024, 04:02 PM



Theme © iAndrew 2016 - Forum software by © MyBB