Check whether the $_SERVER['REQUEST_*'] vars exist before using them
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
c56c98183d
commit
72c1b24844
|
@ -124,9 +124,11 @@ class TwoFactorMiddleware extends Middleware {
|
|||
|
||||
public function afterException($controller, $methodName, Exception $exception) {
|
||||
if ($exception instanceof TwoFactorAuthRequiredException) {
|
||||
return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', [
|
||||
'redirect_url' => urlencode($this->request->server['REQUEST_URI']),
|
||||
]));
|
||||
$params = [];
|
||||
if (isset($this->request->server['REQUEST_URI'])) {
|
||||
$params['redirect_url'] = $this->request->server['REQUEST_URI'];
|
||||
}
|
||||
return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', $params));
|
||||
}
|
||||
if ($exception instanceof UserAlreadyLoggedInException) {
|
||||
return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
|
||||
|
|
|
@ -132,7 +132,7 @@ class OC {
|
|||
|
||||
OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
|
||||
/**
|
||||
* FIXME: The following lines are required because we can't yet instantiiate
|
||||
* FIXME: The following lines are required because we can't yet instantiate
|
||||
* \OC::$server->getRequest() since \OC::$server does not yet exist.
|
||||
*/
|
||||
$params = [
|
||||
|
@ -174,7 +174,7 @@ class OC {
|
|||
|
||||
// Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
|
||||
// slash which is required by URL generation.
|
||||
if($_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
|
||||
if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
|
||||
substr($_SERVER['REQUEST_URI'], -1) !== '/') {
|
||||
header('Location: '.\OC::$WEBROOT.'/');
|
||||
exit();
|
||||
|
@ -1005,7 +1005,7 @@ class OC {
|
|||
}
|
||||
|
||||
// Handle WebDAV
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
|
||||
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'PROPFIND') {
|
||||
// not allowed any more to prevent people
|
||||
// mounting this root directly.
|
||||
// Users need to mount remote.php/webdav instead.
|
||||
|
|
|
@ -246,12 +246,11 @@ class SecurityMiddleware extends Middleware {
|
|||
);
|
||||
} else {
|
||||
if($exception instanceof NotLoggedInException) {
|
||||
$url = $this->urlGenerator->linkToRoute(
|
||||
'core.login.showLoginForm',
|
||||
[
|
||||
'redirect_url' => $this->request->server['REQUEST_URI'],
|
||||
]
|
||||
);
|
||||
$params = [];
|
||||
if (isset($this->request->server['REQUEST_URI'])) {
|
||||
$params['redirect_url'] = $this->request->server['REQUEST_URI'];
|
||||
}
|
||||
$url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
|
||||
$response = new RedirectResponse($url);
|
||||
} else {
|
||||
$response = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest');
|
||||
|
|
|
@ -75,7 +75,7 @@ class Router implements IRouter {
|
|||
if(!(\OC::$server->getConfig()->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true')) {
|
||||
$baseUrl = \OC::$server->getURLGenerator()->linkTo('', 'index.php');
|
||||
}
|
||||
if (!\OC::$CLI) {
|
||||
if (!\OC::$CLI && isset($_SERVER['REQUEST_METHOD'])) {
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
} else {
|
||||
$method = 'GET';
|
||||
|
|
Loading…
Reference in New Issue