Vincent Petry
commit
6a08fca363
|
|
@ -71,7 +71,7 @@ $CONFIG = array(
|
|||
'trusted_domains' =>
|
||||
array (
|
||||
'demo.example.org',
|
||||
'otherdomain.example.org:8080',
|
||||
'otherdomain.example.org',
|
||||
),
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -613,14 +613,8 @@ class OC {
|
|||
header('HTTP/1.1 400 Bad Request');
|
||||
header('Status: 400 Bad Request');
|
||||
|
||||
$domain = $_SERVER['SERVER_NAME'];
|
||||
// Append port to domain in case it is not
|
||||
if($_SERVER['SERVER_PORT'] !== '80' && $_SERVER['SERVER_PORT'] !== '443') {
|
||||
$domain .= ':'.$_SERVER['SERVER_PORT'];
|
||||
}
|
||||
|
||||
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
|
||||
$tmpl->assign('domain', $domain);
|
||||
$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
|
||||
$tmpl->printPage();
|
||||
|
||||
exit();
|
||||
|
|
|
|||
|
|
@ -93,7 +93,8 @@ class Repair extends BasicEmitter {
|
|||
$steps = array(
|
||||
new InnoDB(),
|
||||
new Collation(\OC::$server->getConfig(), \OC_DB::getConnection()),
|
||||
new SearchLuceneTables()
|
||||
new SearchLuceneTables(),
|
||||
new RepairConfig()
|
||||
);
|
||||
|
||||
//There is no need to delete all previews on every single update
|
||||
|
|
|
|||
|
|
@ -12,8 +12,7 @@ class OC_Request {
|
|||
// Android Chrome user agent: https://developers.google.com/chrome/mobile/docs/user-agent
|
||||
const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
|
||||
const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
|
||||
|
||||
const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)(:[0-9]+|)$/';
|
||||
const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)$/';
|
||||
static protected $reqId;
|
||||
|
||||
/**
|
||||
|
|
@ -76,13 +75,26 @@ class OC_Request {
|
|||
* have been configured
|
||||
*/
|
||||
public static function isTrustedDomain($domain) {
|
||||
$trustedList = \OC_Config::getValue('trusted_domains', array());
|
||||
// Extract port from domain if needed
|
||||
$pos = strrpos($domain, ':');
|
||||
if ($pos !== false) {
|
||||
$port = substr($domain, $pos + 1);
|
||||
if (is_numeric($port)) {
|
||||
$domain = substr($domain, 0, $pos);
|
||||
}
|
||||
}
|
||||
|
||||
// FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8.
|
||||
$trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
|
||||
if (empty($trustedList)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Always allow access from localhost
|
||||
if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return in_array($domain, $trustedList);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -12,8 +12,16 @@ use OC\Hooks\BasicEmitter;
|
|||
use OC\RepairStep;
|
||||
use Sabre\DAV\Exception;
|
||||
|
||||
/**
|
||||
* Class RepairConfig
|
||||
*
|
||||
* @package OC\Repair
|
||||
*/
|
||||
class RepairConfig extends BasicEmitter implements RepairStep {
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function getName() {
|
||||
return 'Repair config';
|
||||
}
|
||||
|
|
@ -23,6 +31,7 @@ class RepairConfig extends BasicEmitter implements RepairStep {
|
|||
*/
|
||||
public function run() {
|
||||
$this->addSecret();
|
||||
$this->removePortsFromTrustedDomains();
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -34,4 +43,24 @@ class RepairConfig extends BasicEmitter implements RepairStep {
|
|||
\OC::$server->getConfig()->setSystemValue('secret', $secret);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Remove ports from existing trusted domains in config.php
|
||||
*/
|
||||
private function removePortsFromTrustedDomains() {
|
||||
$trustedDomains = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
|
||||
$newTrustedDomains = array();
|
||||
foreach($trustedDomains as $domain) {
|
||||
$pos = strrpos($domain, ':');
|
||||
if ($pos !== false) {
|
||||
$port = substr($domain, $pos + 1);
|
||||
if (is_numeric($port)) {
|
||||
$domain = substr($domain, 0, $pos);
|
||||
}
|
||||
}
|
||||
$newTrustedDomains[] = $domain;
|
||||
}
|
||||
\OC::$server->getConfig()->setSystemValue('trusted_domains', $newTrustedDomains);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -240,7 +240,7 @@ class Test_Request extends PHPUnit_Framework_TestCase {
|
|||
}
|
||||
|
||||
public function trustedDomainDataProvider() {
|
||||
$trustedHostTestList = array('host.one.test:8080', 'host.two.test:8080');
|
||||
$trustedHostTestList = array('host.one.test', 'host.two.test', '[1fff:0:a88:85a3::ac1f]');
|
||||
return array(
|
||||
// empty defaults to true
|
||||
array(null, 'host.one.test:8080', true),
|
||||
|
|
@ -249,8 +249,12 @@ class Test_Request extends PHPUnit_Framework_TestCase {
|
|||
|
||||
// trust list when defined
|
||||
array($trustedHostTestList, 'host.two.test:8080', true),
|
||||
array($trustedHostTestList, 'host.two.test:9999', false),
|
||||
array($trustedHostTestList, 'host.two.test:9999', true),
|
||||
array($trustedHostTestList, 'host.three.test:8080', false),
|
||||
array($trustedHostTestList, 'host.two.test:8080:aa:222', false),
|
||||
array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]', true),
|
||||
array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801', true),
|
||||
array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801:34', false),
|
||||
|
||||
// trust localhost regardless of trust list
|
||||
array($trustedHostTestList, 'localhost', true),
|
||||
|
|
|
|||
Loading…
Reference in New Issue