From 69f343055271ca9d85386104069576d34ae42200 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Mon, 9 Jan 2017 12:52:43 +0100
Subject: [PATCH] Allow access to CSS resources

Fixes https://github.com/nextcloud/server/issues/2984

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
---
 lib/base.php | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/lib/base.php b/lib/base.php
index 4a9158eff6..0fc34b3d9b 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -791,23 +791,31 @@ class OC {
 			&& !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host)
 			&& self::$server->getConfig()->getSystemValue('installed', false)
 		) {
-			header('HTTP/1.1 400 Bad Request');
-			header('Status: 400 Bad Request');
+			// Allow access to CSS resources
+			$isScssRequest = false;
+			if(strpos($request->getPathInfo(), '/css/') === 0) {
+				$isScssRequest = true;
+			}
 
-			\OC::$server->getLogger()->warning(
+			if (!$isScssRequest) {
+				header('HTTP/1.1 400 Bad Request');
+				header('Status: 400 Bad Request');
+
+				\OC::$server->getLogger()->warning(
 					'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.',
 					[
 						'app' => 'core',
 						'remoteAddress' => $request->getRemoteAddress(),
 						'host' => $host,
 					]
-			);
+				);
 
-			$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
-			$tmpl->assign('domain', $host);
-			$tmpl->printPage();
+				$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
+				$tmpl->assign('domain', $host);
+				$tmpl->printPage();
 
-			exit();
+				exit();
+			}
 		}
 		\OC::$server->getEventLogger()->end('boot');
 	}