遊客站內搜尋的錯誤[含1張圖]

IT_man · 發表於 2015-3-23 16:24:33

本帖最後由 IT_man 於 2015-3-23 16:27 編輯

遊客站內搜尋時出現 error message :

sol:
\source\class\discuz的discuz_application.php 約第350行
查找

private function _xss_check() {
0 i8 V9 Z5 H7 H9 M2 t5 m: T& M( I
9 S- f& w0 }4 q* D9 g6 O
static $check = array('"', '>', '<', '\'', '(', ')', 'CONTENT-TRANSFER-ENCODING');3 l X3 `# c5 Z3 ?1 ~" A
: s" H a5 q' z7 |% T
if(isset($_GET['formhash']) && $_GET['formhash'] !== formhash()) {: z v, B3 @' g0 @2 h j) v/ L
system_error('request_tainting');
7 l0 ?7 I0 b9 r V3 V
}0 W# f" [! ]3 D
5 k4 S) Y2 J# k+ a+ V' {! a
if($_SERVER['REQUEST_METHOD'] == 'GET' ) {
% z( o- @. X% H' U
$temp = $_SERVER['REQUEST_URI'];
8 b0 j, a7 k2 m8 u- z
} elseif(empty ($_GET['formhash'])) {" Q0 h8 T( k6 ]9 J& p* r/ Y: r
$temp = $_SERVER['REQUEST_URI'].file_get_contents('php://input');& ^) Z N: ^2 S0 v
} else {
6 U' Q% |9 O, i0 Z" Y) d8 e' x
$temp = '';
( n) N- \. ^- V" b1 I
}
4 ^- ]& r$ h0 d0 }
4 J4 |/ Q! h( Y
if(!empty($temp)) {
: D9 [/ v# ]' [2 f
$temp = strtoupper(urldecode(urldecode($temp)));+ p' @. W& l0 Y- X' f, a
foreach ($check as $str) {
, m) Z. J2 T- l1 Y' }4 n( |! o
if(strpos($temp, $str) !== false) {0 A3 V( p: M1 T7 k5 a+ w% p
system_error('request_tainting');
- g8 H) d' I+ p4 s! r! n% o" n7 Y
}
$ m! B9 G; \8 q# P. K' K% I+ c0 K
}; p3 g3 O. t/ W. {5 ~ k
}0 E1 V$ D6 ?& N: W0 K
% n+ r: \! i% j# L- K1 Z; O% O
return true;% @6 N/ Z5 X7 R6 J* Z8 G
}

複製代碼

替换为：

private function _xss_check() {$ B' t" l1 J: } C9 g1 H# y0 S
$temp = strtoupper(urldecode(urldecode($_SERVER['REQUEST_URI'])));
3 _1 A% Q# l* o+ o
if(strpos($temp, '<') !== false || strpos($temp, '"') !== false || strpos($temp, 'CONTENT-TRANSFER-ENCODING') !== false) {4 Q+ W: F" N/ K+ [' T
system_error('request_tainting');
s+ M" u6 w) m( y- P
}
( K( q5 e) X0 A
return true;
6 J* B* L# |4 l
}

複製代碼

后台更新缓存 ===>ok
但有些 discuz代碼內容在搜索結果內顯示,曝露在外,是不正常(會員搜索無此問題) ,研究中

		自動登錄	找回密碼
密碼			立即註冊

[Discuz X3.2] 遊客站內搜尋的錯誤[含1張圖]