[PHP-BUG] Bug #62753 [NEW]: proxy_test.php

Sun, 05 Aug 2012 09:54:22 -0700 

From:             admin at angosso dot net
Operating system: Migration Localhost->_Server
PHP version:      5.3.15
Package:          Built-in web server
Bug Type:         Bug
Bug description:proxy_test.php

Description:
------------
User Agent: Mozilla/5.0 (Windows NT 6.0; rv:14.0) Gecko/20100101
Firefox/14.0.1
Build ID: 20120713134347

Steps to reproduce:

user_pref("capability.policy.policynames", "strict");
   user_pref("capability.policy.strict.sites", "http://www.hosting24.com
http://www.srv47.hosting24.com";);
   user_pref("capability.policy.strict.Window.alert", "noAccess");
   user_pref("capability.policy.strict.Window.confirm", "noAccess");
   user_pref("capability.policy.strict.Window.prompt", "noAccess");


Test script:
---------------
"v=spf1 +a +mx +ip4:212.1.208.183 +a:srv47.hosting24.com
+mx:mail.angosso.net +mx:srv47.hosting24.com +include:angosso.net ?all"

Expected result:
----------------
function _parse_uri()
     
     
    function _redirect( $uri ) {
    $location = $this->_parse_location( $uri );
    if ( $location['host'] != $this->host || $location['port'] !=
$this->port ) {
    $this->host = $location['host'];
    $this->port = $location['port'];
    if ( !$this->_use_proxy) $this->disconnect();
    }
    usleep( 100 );
    $this->get( $location['request_file'] . '?' . $location['query_string']
);
foreach( $this->cookies as $cookie_name => $cookie_data ) {
    if ($cookie_data['expires'] > $none) {
    $new_cookies[$cookie_name] = $cookie_data;
    $domain = preg_quote( $cookie_data['angosso.net'] );
    $path = preg_quote( $cookie_data['/home/angosson/public_html/www'] );
    if ( preg_match( "'.*$domain$'i", $current_domain ) && preg_match(
"'^$path.*'i", $current_path ) )
    $cookie_str .= $cookie_name . '=' .
$cookie_data['http://www.angosso.net/pub-page/economie.php'] . '; ';
    }
    }

Actual result:
--------------
Vulnerability


-- 
Edit bug report at https://bugs.php.net/bug.php?id=62753&edit=1
-- 
Try a snapshot (PHP 5.4):            
https://bugs.php.net/fix.php?id=62753&r=trysnapshot54
Try a snapshot (PHP 5.3):            
https://bugs.php.net/fix.php?id=62753&r=trysnapshot53
Try a snapshot (trunk):              
https://bugs.php.net/fix.php?id=62753&r=trysnapshottrunk
Fixed in SVN:                        
https://bugs.php.net/fix.php?id=62753&r=fixed
Fixed in SVN and need be documented: 
https://bugs.php.net/fix.php?id=62753&r=needdocs
Fixed in release:                    
https://bugs.php.net/fix.php?id=62753&r=alreadyfixed
Need backtrace:                      
https://bugs.php.net/fix.php?id=62753&r=needtrace
Need Reproduce Script:               
https://bugs.php.net/fix.php?id=62753&r=needscript
Try newer version:                   
https://bugs.php.net/fix.php?id=62753&r=oldversion
Not developer issue:                 
https://bugs.php.net/fix.php?id=62753&r=support
Expected behavior:                   
https://bugs.php.net/fix.php?id=62753&r=notwrong
Not enough info:                     
https://bugs.php.net/fix.php?id=62753&r=notenoughinfo
Submitted twice:                     
https://bugs.php.net/fix.php?id=62753&r=submittedtwice
register_globals:                    
https://bugs.php.net/fix.php?id=62753&r=globals
PHP 4 support discontinued:          
https://bugs.php.net/fix.php?id=62753&r=php4
Daylight Savings:                    https://bugs.php.net/fix.php?id=62753&r=dst
IIS Stability:                       
https://bugs.php.net/fix.php?id=62753&r=isapi
Install GNU Sed:                     
https://bugs.php.net/fix.php?id=62753&r=gnused
Floating point limitations:          
https://bugs.php.net/fix.php?id=62753&r=float
No Zend Extensions:                  
https://bugs.php.net/fix.php?id=62753&r=nozend
MySQL Configuration Error:           
https://bugs.php.net/fix.php?id=62753&r=mysqlcfg

Reply via email to