Symfony version(s) affected
7.2.4
Description
When login_check is requested and the request parameters have the wrong type (userIdentifier, hash, expires), it throws a 500 exception because the acceptSignatureHash method expects the parameters to be of certain types ($userIdentifier a string, $expires an int and $hash a string).
How to reproduce
Implement a login link and then request login via the link:
https://example.com/login/link_check?expires=%E2%80%AA1747385844%E2%80%AC&hash=somehash&user=%E2%80%AA123456789%E2%80%AC
Here the expires parameter is flanked by zero-width spaces. This leads to a 500 error because expires is expected to be an int but here it is a string. I'm not exactly sure why the zero-width spaces are added (maybe some email clients do that?), but in any case, I think this should not lead to a 500 error.
Possible Solution
Be more strict in the LoginLinkHandler. In addition to checking if the required parameters exist (which is already done after this PR #48292), the type should also be checked.
Additional Context
Symfony\Component\Security\Core\Signature\SignatureHasher::acceptSignatureHash(): Argument #2 ($expires) must be of type int, string given, called in /srv/portal/vendor/symfony/security-http/LoginLink/LoginLinkHandler.php on line 98
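The stricter check proposed under Possible Solution, as an added example and not code from the Symfony project: a standalone PHP script that stands in for SignatureHasher::acceptSignatureHash() with the same parameter types, parses the query string of the URL from the report, and rejects expires unless it is a plain unsigned decimal integer, so the same link produces a client error instead of a TypeError. The acceptSignatureHash stub, validateLoginLinkParams, handle and the "400 Bad Request" wording are assumptions for illustration; Symfony's real handler and its response are not shown here.

```php
<?php
declare(strict_types=1);

// Added example, not Symfony's code. Stand-in for
// SignatureHasher::acceptSignatureHash() with the same parameter types;
// the real method compares signatures, here only the types matter.
function acceptSignatureHash(string $userIdentifier, int $expires, string $hash): void
{
}

// Constructed input: the login link from the report.
const LOGIN_LINK = 'https://example.com/login/link_check'
    . '?expires=%E2%80%AA1747385844%E2%80%AC&hash=somehash&user=%E2%80%AA123456789%E2%80%AC';

// Decode the query string into an array (parse_str percent-decodes values).
function parseQuery(string $url): array
{
    $query = parse_url($url, PHP_URL_QUERY);
    parse_str(is_string($query) ? $query : '', $params);
    return $params;
}

// Hypothetical validator: returns null when the three parameters are usable,
// otherwise a reason suitable for a 4xx response. Runs before any typed call.
function validateLoginLinkParams(array $params): ?string
{
    foreach (['user', 'expires', 'hash'] as $name) {
        // Presence check (what PR #48292 added) plus a scalar-string check,
        // since expires[]=1 would arrive as an array.
        if (!isset($params[$name]) || !is_string($params[$name]) || $params[$name] === '') {
            return sprintf('Missing or non-scalar "%s" parameter', $name);
        }
    }
    // Only ASCII digits are accepted; an integer wrapped in invisible Unicode
    // characters, as in the report, fails here instead of in the typed method.
    if (!preg_match('/^\d{1,19}$/', $params['expires'])) {
        return 'Parameter "expires" is not an integer';
    }
    return null;
}

// Hypothetical handler: validate first, then call the typed method safely.
function handle(string $url): string
{
    $params = parseQuery($url);
    if (null !== $reason = validateLoginLinkParams($params)) {
        return '400 Bad Request: ' . $reason;
    }
    acceptSignatureHash($params['user'], (int) $params['expires'], $params['hash']);
    return '200 OK';
}

// 1. Reproduce the 500: hand the raw query values straight to the typed method.
$raw = parseQuery(LOGIN_LINK);
try {
    acceptSignatureHash($raw['user'], $raw['expires'], $raw['hash']);
} catch (TypeError $e) {
    echo 'Unvalidated: ', $e->getMessage(), "\n";
}

// 2. With validation the same link is a client error, and a clean link still works.
echo handle(LOGIN_LINK), "\n";
echo handle('https://example.com/login/link_check?expires=1747385844&hash=somehash&user=123456789'), "\n";
```

Run it with PHP 8. The first line printed is the TypeError for argument #2 ($expires), the same failure as under Additional Context; the second is the 400 for the report's link; the third is the 200 for a link without the extra bytes. The TypeError would be raised with or without strict_types, because the decoded expires value does not begin with a digit and PHP 8 refuses to coerce a non-numeric string to int.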