
Prevent XSS possibility from SSO SAML Service URLs (#1691)

* validate sso service urls for HTML meta chars

* also check for double quotes
This commit is contained in:
Kyle Spearrin
2021-11-05 14:49:45 -04:00
committed by GitHub
parent 68e20fe649
commit 10c5a29c47
2 changed files with 52 additions and 15 deletions


@ -159,6 +159,25 @@ namespace Bit.Core.Models.Api
yield return new ValidationResult(i18nService.GetLocalizedHtmlString("IdpSingleSignOnServiceUrlValidationError"),
new[] { nameof(IdpSingleSignOnServiceUrl) });
}
if (ContainsHtmlMetaCharacters(IdpSingleSignOnServiceUrl))
{
yield return new ValidationResult(i18nService.GetLocalizedHtmlString("IdpSingleSignOnServiceUrlInvalid"),
new[] { nameof(IdpSingleSignOnServiceUrl) });
}
if (ContainsHtmlMetaCharacters(IdpArtifactResolutionServiceUrl))
{
yield return new ValidationResult(i18nService.GetLocalizedHtmlString("IdpArtifactResolutionServiceUrlInvalid"),
new[] { nameof(IdpArtifactResolutionServiceUrl) });
}
if (ContainsHtmlMetaCharacters(IdpSingleLogoutServiceUrl))
{
yield return new ValidationResult(i18nService.GetLocalizedHtmlString("IdpSingleLogoutServiceUrlInvalid"),
new[] { nameof(IdpSingleLogoutServiceUrl) });
}
if (!string.IsNullOrWhiteSpace(IdpX509PublicCert))
{
// Validate the certificate is in a valid format
@ -240,5 +259,14 @@ namespace Bit.Core.Models.Api
string.Empty,
RegexOptions.Multiline | RegexOptions.IgnoreCase | RegexOptions.CultureInvariant);
}
private bool ContainsHtmlMetaCharacters(string url)
{
if (string.IsNullOrWhiteSpace(url))
{
return false;
}
return Regex.IsMatch(url, "[<>\"]");
}
}
}
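Review bot: ContainsHtmlMetaCharacters in the second hunk rejects only `<`, `>` and `"`, so a URL containing `'` still passes even though it is a meta character inside a single-quoted HTML attribute; if the guard is meant to match its name, widen the class to `return Regex.IsMatch(url, "[<>\"']");` (`&` is left out deliberately, since it is legitimate in query strings). A character deny-list at input is a reasonable defense-in-depth check, but presumably these URLs are written into a page somewhere, and that rendering site should HTML-encode them regardless of this validation. A comment on the method such as `// Defense-in-depth only; the code that renders these URLs into HTML must still encode them` would keep the next maintainer from treating this check as the sole control. The pattern could also be hoisted into a `private static readonly Regex` field rather than reparsed on every call, matching the RegexOptions-based usage already visible in this hunk.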