AC-1843: Fixed path traversal issue for error reporting

nvshivakumar · nvshivakumar · commit ebab16f31971 · 2022-01-13T22:37:44.000+05:30
diff --git a/pub/errors/default/page.phtml b/pub/errors/default/page.phtml
@@ -10,7 +10,7 @@
 <html xmlns="http://www.w3.org/1999/xhtml" >
 <head>
     <title><?= $this->pageTitle ?></title>
-    <base href="<?= $this->escaper->escapeHtml($this->getViewFileUrl()) ?>" />
+    <base href="<?= $this->escaper->escapeHtmlAttr($this->getViewFileUrl()) ?>" />
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
     <meta name="robots" content="*"/>
     <link rel="stylesheet" href="css/styles.css" type="text/css" />
diff --git a/pub/errors/processor.php b/pub/errors/processor.php
@@ -270,7 +270,7 @@ public function getViewFileUrl()
         $errorPath = strpos($errorDir, $indexDir) === 0 ?
             str_replace($indexDir, '', $errorDir) : $errorPathSuffix;
 
-        return ltrim($this->getBaseUrl() . $errorPath . $this->_config->skin . '/','.');
+        return $this->getBaseUrl() . $errorPath . $this->_config->skin . '/';
     }
 
     /**

Original file line number	Diff line number	Diff line change
`@@ -270,7 +270,7 @@ public function getViewFileUrl()`
`270`	`270`	`$errorPath = strpos($errorDir, $indexDir) === 0 ?`
`271`	`271`	`str_replace($indexDir, '', $errorDir) : $errorPathSuffix;`
`272`	`272`
`273`		`- return ltrim($this->getBaseUrl() . $errorPath . $this->_config->skin . '/','.');`
	`273`	`+ return $this->getBaseUrl() . $errorPath . $this->_config->skin . '/';`
`274`	`274`	`}`
`275`	`275`
`276`	`276`	`/**`