diff --git a/ecrire/inc_aide_index.php b/ecrire/inc_aide_index.php
index e644e4d4219b82b8d657bafbe38c4e3335cfe087..ef5ba2e07a8a9799f34be645bf122e06ab07b5f7 100644
--- a/ecrire/inc_aide_index.php
+++ b/ecrire/inc_aide_index.php
@@ -252,7 +252,7 @@ function help_img($regs) {
 echo $contenu;
 ecrire_fichier (_DIR_CACHE . 'aide-'.$cache, $contenu);
 } else
- header ("Location: $help_server/$rep/$lang/$file");
+ redirige_par_entete("$help_server/$rep/$lang/$file");
 }
 exit;
 }
@@ -475,7 +475,7 @@ else {
 if (!$html) {
 // Renvoyer sur l'aide en ligne du serveur externe
 if ($help_server)
- @Header("Location: $help_server/?lang=$spip_lang");
+ redirige_par_entete("$help_server/?lang=$spip_lang");
 // Sinon message d'erreur
 else {
 erreur_aide_indisponible();
diff --git a/ecrire/inc_documents.php3 b/ecrire/inc_documents.php3
index 62e83208edbaf4c9cca61dde91d51d8b6581f597..6c388c2f3a4680130619d4bd11355217cebd2922 100644
--- a/ecrire/inc_documents.php3
+++ b/ecrire/inc_documents.php3
@@ -432,7 +432,8 @@ function afficher_formulaire_taille($document, $type_inclus='AUTO') {
 $type_inclus = $type['inclus'];
 if (($type_inclus == "embed"
 #meme pour le MP3 : "l x h pixels"?
- OR $type_inclus == "image")) {
+ OR $type_inclus == "image")
+ AND $document['largeur']*$document['hauteur']) {
 echo "<br /><b>"._T('entree_dimensions')."</b><br />\n";
 echo "<input type='text' name='largeur_document' class='fondl' style='font-size:9px;' value=\"".$document['largeur']."\" size='5'>";
 echo " × <input type='text' name='hauteur_document' class='fondl' style='font-size:9px;' value=\"".$document['hauteur']."\" size='5'> "._T('info_pixels');
diff --git a/ecrire/inc_version.php3 b/ecrire/inc_version.php3
index c02e005f529113a908554829146a936cf9fc3920..e64d27201202b487181c935baf66b40839df0b23 100644
--- a/ecrire/inc_version.php3
+++ b/ecrire/inc_version.php3
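Review bot: The added `AND $document['largeur']*$document['hauteur']` guard expresses "both dimensions are known" through the truthiness of a product, which hides the intent and does arithmetic on values that may not be numeric (or, if either key is absent, raises a notice). Spelling it out as `AND $document['largeur'] AND $document['hauteur']` reads as the check it is and needs no multiplication. Where `$document` is built is outside this hunk, so whether both keys are always present cannot be seen here; afficher_formulaire_taille() also continues past the hunk.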
@@ -583,7 +583,7 @@ function spip_query($query) {
 // moins bien les erreurs timeout sur SQL), on ne force donc pas l'upgrade
 if ($GLOBALS['spip_connect_version'] < 0.1) {
 if (!_DIR_RESTREINT) {$GLOBALS['db_ok'] = false; return;}
- @Header("Location: upgrade.php3?reinstall=oui");
+ redirige_par_entete("upgrade.php3?reinstall=oui");
 exit;
 }
@@ -1054,10 +1054,17 @@ function creer_repertoire($base, $subdir) {
 //
 // Entetes
 //
+
+// Interdire les attaques par manipulation des headers
+function spip_header($h) {
+ @header(strtr($h, "\n\r", " "));
+}
+
+// envoyer le navigateur sur une nouvelle adresse
 function redirige_par_entete($url) {
 spip_log("redirige $url");
 http_status(302);
- header("Location: $url");
+ spip_header("Location: $url");
 exit;
 }
diff --git a/ecrire/install.php3 b/ecrire/install.php3
index 32893b6fc50651476763c513e96d81e1c8c53344..7c5158c58b3f6ca1ad1d0e2b3ab91327f60bc045 100644
--- a/ecrire/install.php3
+++ b/ecrire/install.php3
@@ -499,13 +499,13 @@ else if ($etape == 1) {
 }
 else if ($etape == 'dirs') {
- header("Location: ../spip_test_dirs.php3");
+ redirige_par_entete("../spip_test_dirs.php3");
 }
 else if (!$etape) {
 $menu_langues = menu_langues('var_lang_ecrire');
 if (!$menu_langues)
- header("Location: ../spip_test_dirs.php3");
+ redirige_par_entete("../spip_test_dirs.php3");
 else {
 install_debut_html();
 echo _VALIDE_CLAVIER;
diff --git a/ecrire/unpack.php3 b/ecrire/unpack.php3
index 7a21fb84a187adf5547017adcf496ef28d7344da..960d73fbc7afa74d186367f6d8a82c727a937dab 100644
--- a/ecrire/unpack.php3
+++ b/ecrire/unpack.php3
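Review bot: The context line `exit;` that follows the new `redirige_par_entete("upgrade.php3?reinstall=oui");` is now unreachable, because redirige_par_entete() itself ends with `exit;` (visible in the next hunk of this file). Either drop that `exit;`, as the inc-urls-propres.php3 hunk of this commit does, or keep it deliberately with a comment such as `// redirige_par_entete() exits; kept only as a guard`. spip_query() starts and ends outside the hunk.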
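Review bot: `strtr($h, "\n\r", " ")` in the new spip_header() only neutralises "\n": when the second and third arguments of strtr() differ in length the surplus characters of the longer one are ignored, so "\r" reaches header() untouched and the header-manipulation guard the comment promises is incomplete. Give the replacement string one character per character replaced, `@header(strtr($h, "\n\r", "  "));`, or state the intent directly with `@header(str_replace(array("\r", "\n"), ' ', $h));`. Every redirect in this commit plus the Refresh header in spip_cookie.php3 now goes through this function, so the one-line fix covers all of them. The `@` also hides the "headers already sent" warning; a short comment saying why it is suppressed would help the next reader.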
@@ -26,10 +26,10 @@ $hash = calculer_action_auteur("unpack");
 fin_admin($action);
 if (@file_exists("../spip_loader.php3"))
- @header("Location: ../spip_loader.php3?hash=$hash&id_auteur=$connect_id_auteur");
+ redirige_par_entete("../spip_loader.php3?hash=$hash&id_auteur=$connect_id_auteur");
 else if (@file_exists("../spip_unpack.php3"))
- @header("Location: ../spip_unpack.php3?hash=$hash&id_auteur=$connect_id_auteur");
+ redirige_par_entete("../spip_unpack.php3?hash=$hash&id_auteur=$connect_id_auteur");
 else
- @header("Location: ../spip_loader.php3?hash=$hash&id_auteur=$connect_id_auteur");
+ redirige_par_entete("../spip_loader.php3?hash=$hash&id_auteur=$connect_id_auteur");
 ?>
diff --git a/ecrire/upgrade.php3 b/ecrire/upgrade.php3
index e09e3279b9ae76b77cc9705940a91a15b2372bb3..0160c21540bfed7c276c6538405eb16671e5d307 100644
--- a/ecrire/upgrade.php3
+++ b/ecrire/upgrade.php3
@@ -89,8 +89,10 @@ fin_admin($upgrade_titre);
 if ($ok) {
 $hash = calculer_action_auteur("purger_cache");
- @header ("Location: ../spip_cache.php3?purger_cache=oui&id_auteur=$connect_id_auteur&hash=$hash&redirect=" . _DIR_RESTREINT_ABS . "index.php3");
- }
+ redirige_par_entete("../spip_cache.php3?purger_cache=oui"
+ ."&id_auteur=$connect_id_auteur&hash=$hash"
+ ."&redirect=" . _DIR_RESTREINT_ABS . "index.php3");
+}
 else {
 include_ecrire ('inc_lang.php3');
 echo _T('alerte_maj_impossible', array('version' => $spip_version));
diff --git a/inc-calcul.php3 b/inc-calcul.php3
index 5977b524812149e4f8fcd0566c307f60d08e0ff8..35319a66dcf00183c633f4aacebc9df9e6da1190 100644
--- a/inc-calcul.php3
+++ b/inc-calcul.php3
@@ -236,7 +236,7 @@ function calculer_page_globale($cache, $contexte_local, $fond) {
 if ($url) { // sinon les navigateurs pataugent
 $url = texte_script(str_replace('&', '&', $url));
 $page = array('texte' => "<".
- "?php redirige_par_entete('$url'); ?" . ">",
 'process_ins' => 'php');
 }
 }
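Review bot: The generated snippet `"?php redirige_par_entete('$url'); ?"` still interpolates $url into a single-quoted PHP literal that is later executed from the cache, so the safety of the construct rests entirely on texte_script() escaping `'` and `\`; that helper is outside this hunk and worth confirming, since an unescaped quote would break the cached script rather than just the redirect. Unlike the header() call it replaces, redirige_par_entete() ends with `exit;` (inc_version.php3 in this commit), so whatever the cached page emitted after the redirect is no longer sent; if that is intended, a comment on the `$page = array(...)` line such as `// redirige_par_entete() exits: the cached page is the redirect only` would make it explicit. calculer_page_globale() starts and ends outside the hunk.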
diff --git a/inc-urls-propres.php3 b/inc-urls-propres.php3
index a04e7ffb69134fdec1ce4d2dcaf8a53916ac07ab..f38017ab7214be13424a00d1796c026dd8dd110f 100644
--- a/inc-urls-propres.php3
+++ b/inc-urls-propres.php3
@@ -202,8 +202,7 @@ preg_match(',(^|/)((article|breve|rubrique|mot|auteur|site)(\.php3?|[0-9]+\.html
 // recuperer les arguments supplementaires (&debut_xxx=...)
 $reste = preg_replace('/^&/','?', preg_replace("/[?&]$id_table_objet=$id_objet/",'',$regs[5]));
- Header("Location: $url_propre$reste");
- exit;
+ redirige_par_entete("$url_propre$reste");
 }
 }
 return;
diff --git a/spip_background.php3 b/spip_background.php3
index 01e394072a78a99e6a67ef8d7ab9e353de0f2c1c..6ee3d0362803fac627b59b6279153cda0c65e122 100644
--- a/spip_background.php3
+++ b/spip_background.php3
@@ -14,10 +14,9 @@
 // Du cote de la page HTML, utiliser un background-image en feuille de style
 // plutot qu'un <img>, c'est plus discret notamment sous navigateur texte
 $image = pack("H*", "47494638396118001800800000ffffff00000021f90401000000002c0000000018001800000216848fa9cbed0fa39cb4da8bb3debcfb0f86e248965301003b");
-$size = strlen($image);
 Header("Content-Type: image/gif");
-Header("Content-Length: ".$size);
+Header("Content-Length: ".strlen($image));
 Header("Cache-Control: no-cache,no-store");
 Header("Pragma: no-cache");
 Header("Connection: close");
diff --git a/spip_cookie.php3 b/spip_cookie.php3
index bbd68e102315cd9a5bd5b76709c1ddee3d7dd570..ab39b07a78bc4cff1f782eadcddeec3386ef03ee 100644
--- a/spip_cookie.php3
+++ b/spip_cookie.php3
@@ -236,7 +236,7 @@ if (ereg("^Apache", $SERVER_SOFTWARE)) {
 redirige_par_entete($redirect);
 } else {
- @header("Refresh: 0; url=" . $redirect);
+ spip_header("Refresh: 0; url=" . $redirect);
 echo "<html><head>";
 echo "<meta http-equiv='Refresh' content='0; url=".$redirect."'>";
 echo "</head>\n";
diff --git a/spip_login.php3 b/spip_login.php3
index 4c9b8ff21de45b6b796ccf7ac005ce54d42c53cf..f74c9a5b217ccb0c7b4f692422e7c43eaa150b4d 100644
--- a/spip_login.php3
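Review bot: `spip_header("Refresh: 0; url=" . $redirect)` now strips line breaks from the HTTP header, but the same `$redirect` is echoed unescaped into the `<meta http-equiv='Refresh' content='0; url=...'>` attribute two lines below, so the HTML fallback does not get the same treatment and a quote in the value would end the attribute early. Escaping there, `echo "<meta http-equiv='Refresh' content='0; url=".htmlspecialchars($redirect, ENT_QUOTES)."'>";`, keeps both channels consistent. Where `$redirect` is assigned is outside this hunk, so whether it is already validated cannot be seen here.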
+++ b/spip_login.php3
@@ -19,10 +19,9 @@ $forcer_lang = true;
 // Compatibilite anciennes versions de SPIP : si un 'var_url' (cible du login)
 // est passe, renvoyer vers la meme adresse mais avec 'url'
 if (isset($_SERVER['REQUEST_URI'])
-AND strpos($_SERVER['REQUEST_URI'], 'var_url')) {
- header('Location: '.str_replace('var_url', 'url', $_SERVER['REQUEST_URI']));
- exit;
-}
+AND strpos($_SERVER['REQUEST_URI'], 'var_url'))
+ redirige_par_entete(str_replace('var_url', 'url', $_SERVER['REQUEST_URI']));
+
 // Fin compatibilite
 include ("inc-public.php3");