MAGETWO-51376: Application Information disclosure on Update

Oleksii Korshenko · isitnikov · commit a9017302a22d · 2016-04-28T02:40:28.000+03:00
diff --git a/app/code/Magento/Backend/App/BackendAppList.php b/app/code/Magento/Backend/App/BackendAppList.php
@@ -44,6 +44,7 @@ public function getCurrentApp()
         if ($appName && isset($this->backendApps[$appName])) {
             return $this->backendApps[$appName];
         }
+        return null;
     }
 
     /**
diff --git a/setup/src/Magento/Setup/Mvc/Bootstrap/InitParamListener.php b/setup/src/Magento/Setup/Mvc/Bootstrap/InitParamListener.php
@@ -123,16 +123,20 @@ public function authPreDispatch($event)
                 /** @var \Magento\Framework\App\State $adminAppState */
                 $adminAppState = $objectManager->get('Magento\Framework\App\State');
                 $adminAppState->setAreaCode(\Magento\Framework\App\Area::AREA_ADMIN);
+                /** @var \Magento\Backend\Model\Session\AdminConfig $sessionConfig */
+                $sessionConfig = $objectManager->get(\Magento\Backend\Model\Session\AdminConfig::class);
+                $cookiePath = $this->getSetupCookiePath($objectManager);
+                $sessionConfig->setCookiePath($cookiePath);
                 /** @var \Magento\Backend\Model\Auth\Session $adminSession */
                 $adminSession = $objectManager->create(
                     \Magento\Backend\Model\Auth\Session::class,
                     [
-                        'sessionConfig' => $objectManager->get(\Magento\Backend\Model\Session\AdminConfig::class),
+                        'sessionConfig' => $sessionConfig,
                         'appState' => $adminAppState
                     ]
                 );
                 if (!$objectManager->get(\Magento\Backend\Model\Auth::class)->isLoggedIn()) {
-                    $adminSession->expireSessionCookie();
+                    $adminSession->destroy();
                     $response = $event->getResponse();
                     $response->getHeaders()->addHeaderLine('Location', 'index.php/session/unlogin');
                     $response->setStatusCode(302);
@@ -145,6 +149,25 @@ public function authPreDispatch($event)
         return false;
     }
 
+    /**
+     * Get cookie path
+     *
+     * @param \Magento\Framework\ObjectManagerInterface $objectManager
+     * @return string
+     */
+    private function getSetupCookiePath(\Magento\Framework\ObjectManagerInterface $objectManager)
+    {
+        /** @var \Magento\Backend\App\BackendAppList $backendAppList */
+        $backendAppList = $objectManager->get(\Magento\Backend\App\BackendAppList::class);
+        $backendApp = $backendAppList->getBackendApp('setup');
+        /** @var \Magento\Backend\Model\UrlFactory $backendUrlFactory */
+        $backendUrlFactory = $objectManager->get(\Magento\Backend\Model\UrlFactory::class);
+        $baseUrl = parse_url($backendUrlFactory->create()->getBaseUrl(), PHP_URL_PATH);
+        $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($baseUrl);
+        $cookiePath = $baseUrl . $backendApp->getCookiePath();
+        return $cookiePath;
+    }
+
     /**
      * {@inheritdoc}
      */

Original file line number	Diff line number	Diff line change
`@@ -44,6 +44,7 @@ public function getCurrentApp()`
`44`	`44`	`if ($appName && isset($this->backendApps[$appName])) {`
`45`	`45`	`return $this->backendApps[$appName];`
`46`	`46`	`}`
	`47`	`+ return null;`
`47`	`48`	`}`
`48`	`49`
`49`	`50`	`/**`