OEmbedIframeController returns an HTTP response code that can be cached by forward proxies when it is given illegal parameters

Created on 13 June 2023, over 1 year ago
Updated 14 June 2023, over 1 year ago

This was previously reported to the Drupal Security Team and has been deemed appropriate for a public issue.

Problem/Motivation

In some site configurations the /media/oembed endpoint, if passed a bad hash value, returns a cacheable response. In these circumstances all media OEmbeds will be broken.

Proposed resolution

Return an uncacheable response to bad input.

Release notes snippet

@todo

Background information

🐛 Bug report
Status

Fixed

Version

9.5

Component
Media 

Last updated 1 day ago

Created by

Live updates comments and jobs are added and updated live.
  • Security

    It is used for security vulnerabilities which do not need a security advisory. For example, security issues in projects which do not have security advisory coverage, or forward-porting a change already disclosed in a security advisory. See Drupal’s security advisory policy for details. Be careful publicly disclosing security vulnerabilities! Use the “Report a security vulnerability” link in the project page’s sidebar. See how to report a security issue for details.

  • Security improvements

    It makes Drupal less vulnerable to abuse or misuse. Note, this is the preferred tag, though the Security tag has a large body of issues tagged to it. Do NOT publicly disclose security vulnerabilities; contact the security team instead. Anyone (whether security team or not) can apply this tag to security improvements that do not directly present a vulnerability e.g. hardening an API to add filtering to reduce a common mistake in contributed modules.

Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024