mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #20632 from nextcloud/bugfix/20624 

Only catch anonymous OPTIONS for Office
This commit is contained in:
Morris Jobke 2020-04-27 10:38:32 +02:00 committed by GitHub
parent 8f532105f9 d7161b4eee
commit 3c5c4caa4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
View File

@ -67,9 +67,9 @@ class AnonymousOptionsPlugin extends ServerPlugin {
$emptyAuth = $request->getHeader('Authorization') === null
|| $request->getHeader('Authorization') === ''
|| trim($request->getHeader('Authorization')) === 'Bearer';
$isAnonymousOption = $request->getMethod() === 'OPTIONS' && $emptyAuth;
$isAnonymousOfficeOption = $request->getMethod() === 'OPTIONS' && $isOffice && $emptyAuth;
$isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $emptyAuth;
if ($isAnonymousOption || $isOfficeHead) {
if ($isAnonymousOfficeOption || $isOfficeHead) {
/** @var CorePlugin $corePlugin */
$corePlugin = $this->server->getPlugin('core');
// setup a fake tree for anonymous access

22
apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
View File

@ -53,18 +53,36 @@ class AnonymousOptionsTest extends TestCase {
public function testAnonymousOptionsRoot() {
$response = $this->sendRequest('OPTIONS', '');
$this->assertEquals(200, $response->getStatus());
$this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsNonRoot() {
$response = $this->sendRequest('OPTIONS', 'foo');
$this->assertEquals(200, $response->getStatus());
$this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsNonRootSubDir() {
$response = $this->sendRequest('OPTIONS', 'foo/bar');
$this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsRootOffice() {
$response = $this->sendRequest('OPTIONS', '', 'Microsoft Office does strange things');
$this->assertEquals(200, $response->getStatus());
}
public function testAnonymousOptionsNonRootOffice() {
$response = $this->sendRequest('OPTIONS', 'foo', 'Microsoft Office does strange things');
$this->assertEquals(200, $response->getStatus());
}
public function testAnonymousOptionsNonRootSubDirOffice() {
$response = $this->sendRequest('OPTIONS', 'foo/bar', 'Microsoft Office does strange things');
$this->assertEquals(200, $response->getStatus());
}