From 42bb1391c5c223b24f7e395cb46ec4d16a68b0c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Mon, 2 Dec 2019 10:48:41 +0100 Subject: [PATCH] Move overwritehost check to isTrustedDomain MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- lib/base.php | 3 --- lib/private/Security/TrustedDomainHelper.php | 5 +++++ tests/lib/Security/TrustedDomainHelperTest.php | 17 ++++++++++++++++- 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/lib/base.php b/lib/base.php index 735bb8b772..2f2a0e2732 100644 --- a/lib/base.php +++ b/lib/base.php @@ -748,9 +748,6 @@ class OC { * FIXME: Should not be in here at all :see_no_evil: */ if (!OC::$CLI - // overwritehost is always trusted, workaround to not have to make - // \OC\AppFramework\Http\Request::getOverwriteHost public - && self::$server->getConfig()->getSystemValue('overwritehost') === '' && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host) && self::$server->getConfig()->getSystemValue('installed', false) ) { diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php index 5237767d8e..a05e0dcff2 100644 --- a/lib/private/Security/TrustedDomainHelper.php +++ b/lib/private/Security/TrustedDomainHelper.php @@ -69,6 +69,11 @@ class TrustedDomainHelper { * have been configured */ public function isTrustedDomain($domainWithPort) { + // overwritehost is always trusted + if ($this->config->getSystemValue('overwritehost') !== '') { + return true; + } + $domain = $this->getDomainWithoutPort($domainWithPort); // Read trusted domains from config diff --git a/tests/lib/Security/TrustedDomainHelperTest.php b/tests/lib/Security/TrustedDomainHelperTest.php index 25586a1bc2..973ff29e46 100644 --- a/tests/lib/Security/TrustedDomainHelperTest.php +++ b/tests/lib/Security/TrustedDomainHelperTest.php @@ -31,7 +31,11 @@ class TrustedDomainHelperTest extends \Test\TestCase { * @param bool $result */ public function testIsTrustedDomain($trustedDomains, $testDomain, $result) { - $this->config->expects($this->once()) + $this->config->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('')); + $this->config->expects($this->at(1)) ->method('getSystemValue') ->with('trusted_domains') ->will($this->returnValue($trustedDomains)); @@ -108,4 +112,15 @@ class TrustedDomainHelperTest extends \Test\TestCase { [$trustedHostTestList, 'bad..der.leading.host', false], ]; } + + public function testIsTrustedDomainOverwriteHost() { + $this->config->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('myproxyhost')); + + $trustedDomainHelper = new TrustedDomainHelper($this->config); + $this->assertTrue($trustedDomainHelper->isTrustedDomain('myproxyhost')); + $this->assertTrue($trustedDomainHelper->isTrustedDomain('myotherhost')); + } }