How would you secure a slug in Symfony2.1?

A malicious user could append ";rm -rf *" to the id value and delete the entire website. In Symfony2.1, is there a simple way to secure the slugs?

I have tried to secure an id this way.

/**
 * The idea is to check that the slug cart_id is an id and not
 *
 * @Route("/{cart_id}/show", name="show_cart")
 * @Template()
 */
public function showCartAction($cart_id)
{
    // Reject anything that is not exactly two digits before it reaches the cart manager.
    if (!preg_match("/^[0-9]{2}$/", $cart_id)) {
        throw new \Exception("the id is not correct");
    }

    $cart = $this->getCartManager()
        ->getCart($cart_id);

    // Pass the loaded cart (the variable, not a bare constant) to the template.
    return array(
        'cart' => $cart
    );
}

Do you find this necessary? Would you do it this way?

Carlos Granados
Mick

1 Answer

You can ensure that cart_id will always accept an integer by adding requirements to the @Route annotation, e.g.

/**
 * @Route("/{cart_id}/show", name="show_cart", requirements={"cart_id" = "\d+"})
 * @Template()
 */

But still there is almost zero chance that the attacker will execute a malicious query via SQL injection, as Doctrine2 uses PDO prepared statements with parameterized queries. For more information about prepared statements with parameterized queries see here and here.

Mun Mun Das
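A stand-alone PHP illustration, added here and not part of the question or the answer, of what the "\d+" route requirement from the answer and the preg_match check from the question each do with the kinds of input discussed above. The matchShowCart helper is a hypothetical approximation of the router's compiled regex, not Symfony's own code; it assumes PHP 7.1 or newer and no framework.

```php
<?php
// Added example, not code from the question or the answer. Runs without Symfony.

// Hypothetical helper approximating what the router does with
// @Route("/{cart_id}/show", requirements={"cart_id" = "\d+"}): the requirement
// is embedded in one regex anchored over the whole path, so a value such as
// "12;rm -rf *" never reaches the controller at all. The D modifier makes "$"
// match only at the very end of the string, so a trailing newline fails too.
function matchShowCart(string $path): ?string
{
    $regex = '#^/(?P<cart_id>\d+)/show$#D';
    return preg_match($regex, $path, $m) === 1 ? $m['cart_id'] : null;
}

// The in-controller check from the question, with "\z" in place of "$":
// in PCRE "$" also matches just before a final "\n", whereas "\z" does not.
// It still accepts exactly two digits, like the original regex.
function isTwoDigitId(string $id): bool
{
    return preg_match('/^[0-9]{2}\z/', $id) === 1;
}

// Constructed sample paths exercising the cases discussed on the page.
$paths = [
    '/12/show',            // a plain two-digit id
    '/12;rm -rf */show',   // the string from the question appended to the id
    "/12/show\n",          // a trailing newline, rejected only because of D
    '/0042/show',          // more than two digits: the route requirement allows it
];
foreach ($paths as $path) {
    $id = matchShowCart($path);
    printf("%-22s -> %s\n", '"' . addcslashes($path, "\n") . '"',
        $id === null ? 'no route' : "cart_id=$id");
}

// The controller-level check is stricter than the route requirement ("0042"
// is refused) and, with "\z", also refuses "12\n", which "/^[0-9]{2}$/" accepts.
foreach (['12', '0042', "12\n"] as $id) {
    printf("isTwoDigitId(%s): %s, original \$-anchored regex: %s\n",
        '"' . addcslashes($id, "\n") . '"',
        var_export(isTwoDigitId($id), true),
        var_export(preg_match('/^[0-9]{2}$/', $id) === 1, true));
}
```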