Show a link to the docs instead of a button on the untrusted domain page
Before there was a button to "quickly" add the untrusted domain to the config. This button often didn't worked, because the generated URL was often untrusted as well. Thus removing it and providing proper docs seems to be the better approach to handle this rare case. Also the log should not be spammed by messages for the untrusted domain accesses, because they are user related and not necessarily an administrative issue. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This commit is contained in:
Morris Jobke
parent
42b7dfe9ac
commit
0d5142be70
|
|
@ -6,12 +6,8 @@
|
|||
<p>
|
||||
<?php p($l->t('Please contact your administrator. If you are an administrator, edit the "trusted_domains" setting in config/config.php like the example in config.sample.php.')); ?>
|
||||
</p>
|
||||
<br />
|
||||
<p>
|
||||
<?php p($l->t('Depending on your configuration, this button could also work to trust the domain:')); ?>
|
||||
</p>
|
||||
<p style="text-align:center;">
|
||||
<a href="<?php print_unescaped(\OC::$server->getURLGenerator()->getAbsoluteURL(\OC::$server->getURLGenerator()->linkToRoute('settings.AdminSettings.index'))); ?>?trustDomain=<?php p($_['domain']); ?>" class="button">
|
||||
<?php p($l->t('Add "%s" as trusted domain', array($_['domain']))); ?>
|
||||
</a>
|
||||
<?php print_unescaped($l->t('Further information how to configure this can be found in the %sdocumentation%s.', ['<a href="' . $_['docUrl'] . '" target="blank">', '</a>'])); ?>
|
||||
</p>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -778,7 +778,7 @@ class OC {
|
|||
OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
|
||||
header('Status: 400 Bad Request');
|
||||
|
||||
\OC::$server->getLogger()->warning(
|
||||
\OC::$server->getLogger()->info(
|
||||
'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.',
|
||||
[
|
||||
'app' => 'core',
|
||||
|
|
@ -788,7 +788,7 @@ class OC {
|
|||
);
|
||||
|
||||
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
|
||||
$tmpl->assign('domain', $host);
|
||||
$tmpl->assign('docUrl', \OC::$server->getURLGenerator()->linkToDocs('admin-trusted-domains'));
|
||||
$tmpl->printPage();
|
||||
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -897,7 +897,6 @@ return array(
|
|||
'OC\\Settings\\Controller\\LogSettingsController' => $baseDir . '/settings/Controller/LogSettingsController.php',
|
||||
'OC\\Settings\\Controller\\MailSettingsController' => $baseDir . '/settings/Controller/MailSettingsController.php',
|
||||
'OC\\Settings\\Controller\\PersonalSettingsController' => $baseDir . '/settings/Controller/PersonalSettingsController.php',
|
||||
'OC\\Settings\\Controller\\SecuritySettingsController' => $baseDir . '/settings/Controller/SecuritySettingsController.php',
|
||||
'OC\\Settings\\Controller\\UsersController' => $baseDir . '/settings/Controller/UsersController.php',
|
||||
'OC\\Settings\\Hooks' => $baseDir . '/settings/Hooks.php',
|
||||
'OC\\Settings\\Mailer\\NewUserMailHelper' => $baseDir . '/settings/Mailer/NewUserMailHelper.php',
|
||||
|
|
|
|||
|
|
@ -927,7 +927,6 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
|
|||
'OC\\Settings\\Controller\\LogSettingsController' => __DIR__ . '/../../..' . '/settings/Controller/LogSettingsController.php',
|
||||
'OC\\Settings\\Controller\\MailSettingsController' => __DIR__ . '/../../..' . '/settings/Controller/MailSettingsController.php',
|
||||
'OC\\Settings\\Controller\\PersonalSettingsController' => __DIR__ . '/../../..' . '/settings/Controller/PersonalSettingsController.php',
|
||||
'OC\\Settings\\Controller\\SecuritySettingsController' => __DIR__ . '/../../..' . '/settings/Controller/SecuritySettingsController.php',
|
||||
'OC\\Settings\\Controller\\UsersController' => __DIR__ . '/../../..' . '/settings/Controller/UsersController.php',
|
||||
'OC\\Settings\\Hooks' => __DIR__ . '/../../..' . '/settings/Hooks.php',
|
||||
'OC\\Settings\\Mailer\\NewUserMailHelper' => __DIR__ . '/../../..' . '/settings/Mailer/NewUserMailHelper.php',
|
||||
|
|
|
|||
|
|
@ -1,72 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
||||
*
|
||||
* @author Lukas Reschke <lukas@statuscode.ch>
|
||||
* @author Morris Jobke <hey@morrisjobke.de>
|
||||
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
||||
*
|
||||
* @license AGPL-3.0
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OC\Settings\Controller;
|
||||
|
||||
use \OCP\AppFramework\Controller;
|
||||
use OCP\IRequest;
|
||||
use OCP\IConfig;
|
||||
|
||||
/**
|
||||
* @package OC\Settings\Controller
|
||||
*/
|
||||
class SecuritySettingsController extends Controller {
|
||||
/** @var \OCP\IConfig */
|
||||
private $config;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param IConfig $config
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
IConfig $config) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->config = $config;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
protected function returnSuccess() {
|
||||
return array(
|
||||
'status' => 'success'
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Add a new trusted domain
|
||||
* @param string $newTrustedDomain The newly to add trusted domain
|
||||
* @return array
|
||||
*/
|
||||
public function trustedDomains($newTrustedDomain) {
|
||||
$trustedDomains = $this->config->getSystemValue('trusted_domains', []);
|
||||
$trustedDomains[] = $newTrustedDomain;
|
||||
$this->config->setSystemValue('trusted_domains', $trustedDomains);
|
||||
|
||||
return $this->returnSuccess();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,29 +1,4 @@
|
|||
$(document).ready(function(){
|
||||
var params = OC.Util.History.parseUrlQuery();
|
||||
|
||||
// Hack to add a trusted domain
|
||||
if (params.trustDomain) {
|
||||
var potentialDomain = params.trustDomain;
|
||||
potentialDomain = encodeURI(escapeHTML(potentialDomain));
|
||||
potentialDomain = '<span class="trusted-domain-warning">' + potentialDomain + '</span>';
|
||||
|
||||
OC.dialogs.confirmHtml(t('settings', 'Are you really sure you want add {domain} as trusted domain?', {
|
||||
domain: potentialDomain
|
||||
}, undefined, {escape: false}),
|
||||
t('settings', 'Add trusted domain'), function(answer) {
|
||||
if(answer) {
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: OC.generateUrl('settings/admin/security/trustedDomains'),
|
||||
data: { newTrustedDomain: params.trustDomain }
|
||||
}).done(function() {
|
||||
window.location.replace(OC.generateUrl('settings/admin'));
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
$('#excludedGroups').each(function (index, element) {
|
||||
OC.Settings.setupGroupsSelect($(element));
|
||||
$(element).change(function(ev) {
|
||||
|
|
|
|||
|
|
@ -50,7 +50,6 @@ $application->registerRoutes($this, [
|
|||
['name' => 'AppSettings#listCategories', 'url' => '/settings/apps/categories', 'verb' => 'GET'],
|
||||
['name' => 'AppSettings#viewApps', 'url' => '/settings/apps', 'verb' => 'GET'],
|
||||
['name' => 'AppSettings#listApps', 'url' => '/settings/apps/list', 'verb' => 'GET'],
|
||||
['name' => 'SecuritySettings#trustedDomains', 'url' => '/settings/admin/security/trustedDomains', 'verb' => 'POST'],
|
||||
['name' => 'Users#setDisplayName', 'url' => '/settings/users/{username}/displayName', 'verb' => 'POST'],
|
||||
['name' => 'Users#setEMailAddress', 'url' => '/settings/users/{id}/mailAddress', 'verb' => 'PUT'],
|
||||
['name' => 'Users#setUserSettings', 'url' => '/settings/users/{username}/settings', 'verb' => 'PUT'],
|
||||
|
|
|
|||
|
|
@ -33,7 +33,6 @@ use OC\Settings\Controller\CheckSetupController;
|
|||
use OC\Settings\Controller\GroupsController;
|
||||
use OC\Settings\Controller\LogSettingsController;
|
||||
use OC\Settings\Controller\MailSettingsController;
|
||||
use OC\Settings\Controller\SecuritySettingsController;
|
||||
use OC\Settings\Controller\UsersController;
|
||||
use OC\Settings\Middleware\SubadminMiddleware;
|
||||
use OCP\AppFramework\Controller;
|
||||
|
|
@ -76,7 +75,6 @@ class ApplicationTest extends TestCase {
|
|||
[GroupsController::class, Controller::class],
|
||||
[LogSettingsController::class, Controller::class],
|
||||
[MailSettingsController::class, Controller::class],
|
||||
[SecuritySettingsController::class, Controller::class],
|
||||
[UsersController::class, Controller::class],
|
||||
|
||||
[SubadminMiddleware::class, Middleware::class],
|
||||
|
|
|
|||
|
|
@ -1,72 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* @author Lukas Reschke
|
||||
* @copyright 2014 Lukas Reschke lukas@owncloud.com
|
||||
*
|
||||
* This file is licensed under the Affero General Public License version 3 or
|
||||
* later.
|
||||
* See the COPYING-README file.
|
||||
*/
|
||||
namespace Tests\Settings\Controller;
|
||||
|
||||
use \OC\Settings\Application;
|
||||
use OC\Settings\Controller\SecuritySettingsController;
|
||||
use OCP\IConfig;
|
||||
use OCP\IRequest;
|
||||
|
||||
/**
|
||||
* @package Tests\Settings\Controller
|
||||
*/
|
||||
class SecuritySettingsControllerTest extends \Test\TestCase {
|
||||
|
||||
/** @var IConfig|\PHPUnit_Framework_MockObject_MockObject */
|
||||
private $config;
|
||||
|
||||
/** @var SecuritySettingsController */
|
||||
private $securitySettingsController;
|
||||
|
||||
protected function setUp() {
|
||||
parent::setUp();
|
||||
|
||||
$this->config = $this->createMock(IConfig::class);
|
||||
$this->securitySettingsController = new SecuritySettingsController(
|
||||
'settings',
|
||||
$this->createMock(IRequest::class),
|
||||
$this->config
|
||||
);
|
||||
}
|
||||
|
||||
public function testTrustedDomainsWithExistingValues() {
|
||||
$this->config
|
||||
->expects($this->once())
|
||||
->method('setSystemValue')
|
||||
->with('trusted_domains', array('owncloud.org', 'owncloud.com', 'newdomain.com'));
|
||||
$this->config
|
||||
->expects($this->once())
|
||||
->method('getSystemValue')
|
||||
->with('trusted_domains')
|
||||
->will($this->returnValue(array('owncloud.org', 'owncloud.com')));
|
||||
|
||||
$response = $this->securitySettingsController->trustedDomains('newdomain.com');
|
||||
$expectedResponse = array('status' => 'success');
|
||||
|
||||
$this->assertSame($expectedResponse, $response);
|
||||
}
|
||||
|
||||
public function testTrustedDomainsEmpty() {
|
||||
$this->config
|
||||
->expects($this->once())
|
||||
->method('setSystemValue')
|
||||
->with('trusted_domains', array('newdomain.com'));
|
||||
$this->config
|
||||
->expects($this->once())
|
||||
->method('getSystemValue')
|
||||
->with($this->equalTo('trusted_domains'), $this->equalTo([]))
|
||||
->willReturn([]);
|
||||
|
||||
$response = $this->securitySettingsController->trustedDomains('newdomain.com');
|
||||
$expectedResponse = array('status' => 'success');
|
||||
|
||||
$this->assertSame($expectedResponse, $response);
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue