Potential security issue

Open am4rth opened this issue 2 years ago • 2 comments

If the ChainRouter does not find a match it throws an exception in which the request object is dumped as a string: https://github.com/symfony-cmf/Routing/blob/d1e3ba55073507c11e6f501b6b3cfc9c1dc7acaf/src/ChainRouter.php#L177

This can have security implications, as all headers of the request (including the Authorization header) are dumped in the exception. If this exception is logged or stored somewhere, it can leak sensitive information or enable third parties to access private information.

Proposal: only add the requested method and path to the exception message

am4rth avatar Aug 09 '23 14:08 am4rth

Thanks for reporting this issue. You are right, there is the risk of leaking sensitive information into logs.

Matching can happen on other things than the path and method. I think we should adjust the message a bit so it does not lead people to only look at the path and be confused.

Do you have time to propose a pull request?

dbu avatar Aug 09 '23 14:08 dbu

I will try to write a fix in the next couple of weeks :)

am4rth avatar Aug 11 '23 08:08 am4rth
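The leak described in the report and the message wording suggested in the reply, as an added example that is not the project's code: `DemoRequest` is a constructed stand-in whose `__toString()` dumps every header (as the real request object does), and the two message builders and the placeholder token values are assumptions for illustration (PHP 8.1+).

```php
<?php
// Constructed stand-in for the request object; not the library's class.
final class DemoRequest
{
    public function __construct(
        public readonly string $method,
        public readonly string $path,
        public readonly array $headers,
    ) {}

    // Stringifying the whole request emits every header, Authorization included.
    public function __toString(): string
    {
        $lines = [sprintf('%s %s HTTP/1.1', $this->method, $this->path)];
        foreach ($this->headers as $name => $value) {
            $lines[] = sprintf('%s: %s', $name, $value);
        }
        return implode("\r\n", $lines);
    }
}

// Pattern the issue reports: the request object is interpolated into the message,
// so anything that logs the exception also logs the credentials.
function leakyNoMatchMessage(DemoRequest $request): string
{
    return sprintf('None of the routers in the chain matched this request %s', $request);
}

// Hardened variant: only method and path are named, and the message says that
// routers may match on other request attributes too, as suggested in the thread.
function safeNoMatchMessage(DemoRequest $request): string
{
    return sprintf(
        'None of the routers in the chain matched request "%s %s" '
        . '(routers may also match on host, scheme or other request attributes)',
        $request->method,
        $request->path
    );
}

// Constructed sample request; the token and session values are placeholders.
$request = new DemoRequest('GET', '/admin/reports', [
    'Host' => 'example.test',
    'Authorization' => 'Bearer PLACEHOLDER_TOKEN',
    'Cookie' => 'session=PLACEHOLDER_SESSION',
]);

// Check a unit test or log review could apply: credential-bearing header values
// appear in the leaky message and never in the hardened one.
foreach (['Authorization', 'Cookie'] as $sensitive) {
    $value = $request->headers[$sensitive];
    if (!str_contains(leakyNoMatchMessage($request), $value)) {
        throw new LogicException("expected $sensitive to appear in the leaky message");
    }
    if (str_contains(safeNoMatchMessage($request), $value)) {
        throw new LogicException("$sensitive leaked into the hardened message");
    }
}
echo safeNoMatchMessage($request), PHP_EOL;
```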