eckmar-community / eckmar

Open-source marketplace on Laravel (PHP). Also known as the Eckmar's Marketplace Script.
104 stars 60 forks source link

Special Characters in search show error and dump .ENV file to Browser #117

Open Triggerhappyme opened 4 months ago

Triggerhappyme commented 4 months ago

So in the search bar, or in the Search terms: of Detailed Search, if you include any of the following characters in your search, " or { or }, you get an error. In this example I search for " and I am redirected to the URL: http://127.0.0.1/search?query=%22&category=any&type=all&order_by=newest

With the following:

/var/www/eckmar/vendor/elasticsearch/elasticsearch/src/Elasticsearch/Connections/Connection.php

    $exception = $this->tryDeserialize400Error($response);

    if (array_search($response['status'], $ignore) !== false) {
        return;
    }

    if ($statusCode === 400 && strpos($responseBody, "AlreadyExpiredException") !== false) {
        $exception = new AlreadyExpiredException($responseBody, $statusCode);
    } elseif ($statusCode === 403) {
        $exception = new Forbidden403Exception($responseBody, $statusCode);
    } elseif ($statusCode === 404) {
        $exception = new Missing404Exception($responseBody, $statusCode);
    } elseif ($statusCode === 409) {
        $exception = new Conflict409Exception($responseBody, $statusCode);
    } elseif ($statusCode === 400 && strpos($responseBody, 'script_lang not supported') !== false) {
        $exception = new ScriptLangNotSupportedException($responseBody. $statusCode);
    } elseif ($statusCode === 408) {
        $exception = new RequestTimeout408Exception($responseBody, $statusCode);
    } else {
        $exception = new BadRequest400Exception($responseBody, $statusCode);
    }

    $this->logRequestFail(
        $request['http_method'],
        $response['effective_url'],
        $request['body'],
        $request['headers'],
        $response['status'],
        $response['body'],
        $response['transfer_stats']['total_time'],
        $exception
    );

    throw $exception;
}

/**
 * @param $request
 * @param $response
 * @param $ignore

Arguments

"{"error":{"root_cause":[{"type":"query_parsing_exception","reason":"Failed to parse query [*\"*]","index":"marketplace","line":1,"col":58}],"type":"search_phase_execution_exception","reason":"all shards failed","phase":"query","grouped":true,"failed_shards":[{"shard":0,"index":"marketplace","node":"dELvXojzTsWKXtVhGARHrA","reason":{"type":"query_parsing_exception","reason":"Failed to parse query [*\"*]","index":"marketplace","line":1,"col":58,"caused_by":{"type":"parse_exception","reason":"Cannot parse '*\"*': Lexical error at line 1, column 4.  Encountered: <EOF> after : \"\\\"*\"","caused_by":{"type":"token_mgr_error","reason":"Lexical error at line 1, column 4.  Encountered: <EOF> 

Then my whole .env file is displayed. It seems this is done by the Whoops PrettyPageHandler.php.

In the code I found that it dumps the following on the page:

"tables" => [
    "GET Data"              => $this->masked($_GET, '_GET'),
    "POST Data"             => $this->masked($_POST, '_POST'),
    "Files"                 => isset($_FILES) ? $this->masked($_FILES, '_FILES') : [],
    "Cookies"               => $this->masked($_COOKIE, '_COOKIE'),
    "Session"               => isset($_SESSION) ? $this->masked($_SESSION, '_SESSION') : [],
    "Server/Request Data"   => $this->masked($_SERVER, '_SERVER'),
    "Environment Variables" => $this->masked($_ENV, '_ENV'),
],

I think it's an issue with sanitizing but I'm not sure? Can anyone shed some light, please?

Triggerhappyme commented 4 months ago

What does this mean?

"{"error":{"root_cause":[{"type":"query_parsing_exception","reason":"Failed to parse query [\"]","index":"marketplace","line":1,"col":58}],"type":"search_phase_execution_exception" ,"reason":"all shards failed","phase":"query","grouped":true,"failed_shards": [{"shard":0,"index":"marketplace","node":"dELvXojzTsWKXtVhGARHrA","reason": {"type":"query_parsing_exception","reason":"Failed to parse query [\"]","index":"marketplace","line":1,"col":58,"caused_by": {"type":"parse_exception","reason":"Cannot parse '\"': Lexical error at line 1, column 4. Encountered: after : \"\\"*\"","caused_by": {"type":"token_mgr_error","reason":"Lexical error at line 1, column 4. Encountered:

whitevoid90 commented 4 months ago

In the .env file, set app_debug to false.

anprguy commented 4 months ago

> In the .env file, set app_debug to false.

Thank you.

This hides the .env dump but does not resolve the fact that the query input needs sanitizing.

anprguy commented 4 months ago

If you want to stop the 500 errors you can filter out any special characters in the product search controller. [app/html/controllers/]
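An added example, not part of the thread or the project's code: one way to do the filtering suggested in the last comment, by escaping the reserved characters instead of dropping them. It assumes the search term is sent to Elasticsearch as a wildcard-wrapped query_string query, as the "Failed to parse query [*\"*]" error suggests; the function names are hypothetical.

```php
<?php
// Added example: neutralise Lucene query_string syntax in a user search term.
// Function names are hypothetical; this is not the marketplace's own code.

/**
 * Escape the characters reserved by the Elasticsearch query_string parser.
 * "<" and ">" cannot be escaped, so they are removed from the term.
 */
function escapeQueryStringTerm(string $term): string
{
    $term = str_replace(['<', '>'], '', $term);
    // Prefix each remaining reserved character with a backslash so the
    // parser treats it as literal text instead of query syntax.
    return preg_replace('/([+\-=&|!(){}\[\]^"~*?:\\\\\/])/', '\\\\$1', $term);
}

/**
 * Build the search body for a user-supplied term.
 * Returns null when nothing searchable is left, so the caller can skip the
 * request instead of sending a bare "**" wildcard.
 * Assumption: the application wraps the term as *term* in a query_string query.
 */
function buildSearchBody(string $userInput): ?array
{
    $term = escapeQueryStringTerm(trim($userInput));
    if ($term === '') {
        return null;
    }
    return ['query' => ['query_string' => ['query' => '*' . $term . '*']]];
}

// Constructed inputs, including the three characters reported in the issue.
foreach (['"', '{', '}', 'usb "drive"', 'a<b>c', '<>'] as $input) {
    $body = buildSearchBody($input);
    echo str_pad($input, 14), ' => ', $body === null ? '(skipped)' : json_encode($body), PHP_EOL;
}
```

With the term escaped, a lone " reaches the parser as an escaped literal, so the query no longer fails with the 400 parse error that brought up the debug page.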