1 <?php
2 /**
3 * Piwik - free/libre analytics platform
4 *
5 * @link https://matomo.org
6 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
7 *
8 */
9 namespace Piwik;
10
11 use Piwik\Session\SessionNamespace;
12
13 /**
14 * Nonce class.
15 *
16 * A cryptographic nonce -- "number used only once" -- is often recommended as
17 * part of a robust defense against cross-site request forgery (CSRF/XSRF). This
18 * class provides static methods that create and manage nonce values.
19 *
20 * Nonces in Piwik are stored as a session variable and have a configurable expiration.
21 *
22 * Learn more about nonces [here](http://en.wikipedia.org/wiki/Cryptographic_nonce).
23 *
24 * @api
25 */
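class Nonce
{
    /**
     * Returns an existing nonce by ID. If none exists, a new nonce will be generated.
     *
     * @param string $id Unique id to avoid namespace conflicts, e.g., `'ModuleName.ActionName'`.
     * @param int $ttl Optional time-to-live in seconds; default is 600 seconds (10 minutes). After that
     *                 period the nonce is no longer valid. Requesting the nonce again resets the timer.
     * @return string
     */
    public static function getNonce($id, $ttl = 600)
    {
        // nonces are session-bound: one session namespace per nonce ID
        $ns = new SessionNamespace($id);
        $nonce = $ns->nonce;

        // re-use an unexpired nonce (a small deviation from the "used only once" principle, so long as we
        // do not reset the expiration) to handle browser pre-fetch or double fetch caused by some
        // browser add-ons/extensions
        if (empty($nonce)) {
            // generate a new nonce from the instance salt, the current time and a unique id
            // NOTE(review): if the supported PHP baseline provides random_bytes(), a CSPRNG-backed
            // token would be preferable to this hash construction — confirm before changing.
            $nonce = md5(SettingsPiwik::getSalt() . time() . Common::generateUniqId());
            $ns->nonce = $nonce;
        }

        // extend the lifetime whenever the nonce is requested again, so a form fetched a few seconds
        // before the timeout does not expire before it is submitted
        $ns->setExpirationSeconds($ttl, 'nonce');

        return $nonce;
    }

    /**
     * Returns if a nonce is valid and comes from a valid request.
     *
     * A nonce is valid if it matches the current nonce and if the current nonce
     * has not expired.
     *
     * The request is valid if the referrer is a local URL (see {@link Url::isLocalUrl()})
     * and if the HTTP origin is valid (see {@link getAcceptableOrigins()}).
     *
     * Note that the referrer and origin checks are only applied when the respective header is
     * present: a request that sends neither header is accepted on the nonce match alone.
     *
     * @param string $id The nonce's unique ID. See {@link getNonce()}.
     * @param string $cnonce Nonce sent from client.
     * @return bool `true` if valid; `false` otherwise.
     */
    public static function verifyNonce($id, $cnonce)
    {
        $ns = new SessionNamespace($id);
        $nonce = $ns->nonce;

        // validate token: both sides must be non-empty strings and match; hash_equals() keeps the
        // comparison time independent of how many leading characters agree (no timing side channel)
        if (empty($cnonce) || !is_string($cnonce) || !is_string($nonce) || !hash_equals($nonce, $cnonce)) {
            return false;
        }

        // validate referrer (only when the browser sent one)
        $referrer = Url::getReferrer();
        if (!empty($referrer) && !Url::isLocalUrl($referrer)) {
            return false;
        }

        // validate origin (only when the header is present); the literal opaque origin 'null'
        // is rejected, everything else must be in the acceptable list (strict string comparison)
        $origin = self::getOrigin();
        if (!empty($origin)
            && ($origin === 'null' || !in_array($origin, self::getAcceptableOrigins(), true))
        ) {
            return false;
        }

        return true;
    }

    /**
     * Force expiration of the current nonce.
     *
     * Clears every value stored in the nonce's session namespace.
     *
     * @param string $id The unique nonce ID.
     */
    public static function discardNonce($id)
    {
        $ns = new SessionNamespace($id);
        $ns->unsetAll();
    }

    /**
     * Returns the **Origin** HTTP header or `false` if not found (or empty).
     *
     * @return string|bool
     */
    public static function getOrigin()
    {
        if (!empty($_SERVER['HTTP_ORIGIN'])) {
            return $_SERVER['HTTP_ORIGIN'];
        }
        return false;
    }

    /**
     * Returns a list of acceptable values for the HTTP **Origin** header.
     *
     * The list is derived from the current host: with an explicit port, both schemes on the bare
     * host plus the explicit port variants (plain http on port 443 is never accepted); with
     * `force_ssl` enabled, https only; otherwise both schemes with and without their default ports.
     *
     * @return array
     */
    public static function getAcceptableOrigins()
    {
        $host = Url::getCurrentHost(null);

        if (empty($host)) {
            return [];
        }

        // parse host:port (the pattern cannot match bracketed IPv6 literals because they contain
        // colons; such hosts fall through to the branches below)
        if (preg_match('/^([^:]+):([0-9]+)$/D', $host, $matches)) {
            $host = $matches[1];
            $port = $matches[2];
            $origins = [
                'http://' . $host,
                'https://' . $host,
            ];
            // do not accept plain http on the https default port
            if ((int) $port !== 443) {
                $origins[] = 'http://' . $host . ':' . $port;
            }
            $origins[] = 'https://' . $host . ':' . $port;
        } elseif (Config::getInstance()->General['force_ssl']) {
            $origins = [
                'https://' . $host,
                'https://' . $host . ':443',
            ];
        } else {
            $origins = [
                'http://' . $host,
                'https://' . $host,
                'http://' . $host . ':80',
                'https://' . $host . ':443',
            ];
        }

        return $origins;
    }

    /**
     * Verifies and discards a nonce.
     *
     * The nonce is discarded only after successful verification; an invalid nonce leaves the
     * session value untouched and throws.
     *
     * @param string $nonceName The nonce's unique ID. See {@link getNonce()}.
     * @param string|null $nonce The nonce from the client. If `null`, the value from the
     *                           **nonce** query parameter is used.
     * @throws \Exception if the nonce is invalid. See {@link verifyNonce()}.
     */
    public static function checkNonce($nonceName, $nonce = null)
    {
        if ($nonce === null) {
            // no default: Common::getRequestVar() is expected to fail when the parameter is absent
            $nonce = Common::getRequestVar('nonce', null, 'string');
        }

        if (!self::verifyNonce($nonceName, $nonce)) {
            throw new \Exception(Piwik::translate('General_ExceptionNonceMismatch'));
        }

        self::discardNonce($nonceName);
    }
}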