url.php

   1 <?php
   2 /* vim: set expandtab sw=4 ts=4 sts=4: */
   3 /**
   4  * URL redirector to avoid leaking Referer with some sensitive information.
   5  *
   6  * @package PhpMyAdmin
   7  */
   8 use PMA\libraries\Sanitize;
   9 use PMA\libraries\Response;
  10
  11 /**
  12  * Gets core libraries and defines some variables
  13  */
  14 define('PMA_MINIMUM_COMMON', true);
  15 require_once './libraries/common.inc.php';
  16
  17 // Only output the http headers
  18 $response = Response::getInstance();
  19 $response->getHeader()->sendHttpHeaders();
  20 $response->disable();
  21
  22 if (! PMA_isValid($_REQUEST['url'])
  23     || ! preg_match('/^https:\/\/[^\n\r]*$/', $_REQUEST['url'])
  24     || ! PMA_isAllowedDomain($_REQUEST['url'])
  25 ) {
  26     PMA_sendHeaderLocation('./');
  27 } else {
  28     // JavaScript redirection is necessary. Because if header() is used
  29     //  then web browser sometimes does not change the HTTP_REFERER
  30     //  field and so with old URL as Referer, token also goes to
  31     //  external site.
  32     echo "<script type='text/javascript'>
  33             window.onload=function(){
  34                 window.location='" , Sanitize::escapeJsString($_REQUEST['url']) , "';
  35             }
  36         </script>";
  37     // Display redirecting msg on screen.
  38     // Do not display the value of $_REQUEST['url'] to avoid showing injected content
  39     echo __('Taking you to the target site.');
  40 }
  41 die();