check anonymous OPTIONS requests file in root (not in subdir)
Signed-off-by: Bastien Durel <bastien@durel.org>
This commit is contained in:
parent
39b0d4700f
commit
7b4d4dcca8
|
@ -45,12 +45,19 @@ class AnonymousOptionsPlugin extends ServerPlugin {
|
||||||
$this->server->on('beforeMethod', [$this, 'handleAnonymousOptions'], 9);
|
$this->server->on('beforeMethod', [$this, 'handleAnonymousOptions'], 9);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
public function isRequestInRoot($path) {
|
||||||
|
return $path === '' || (is_string($path) && strpos($path, '/') === FALSE);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @throws \Sabre\DAV\Exception\Forbidden
|
* @throws \Sabre\DAV\Exception\Forbidden
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) {
|
public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) {
|
||||||
if ($request->getHeader('Authorization') === null && $request->getMethod() === 'OPTIONS') {
|
if ($request->getHeader('Authorization') === null && $request->getMethod() === 'OPTIONS' && $this->isRequestInRoot($request->getPath())) {
|
||||||
/** @var CorePlugin $corePlugin */
|
/** @var CorePlugin $corePlugin */
|
||||||
$corePlugin = $this->server->getPlugin('core');
|
$corePlugin = $this->server->getPlugin('core');
|
||||||
// setup a fake tree for anonymous access
|
// setup a fake tree for anonymous access
|
||||||
|
|
|
@ -56,6 +56,12 @@ class AnonymousOptionsTest extends TestCase {
|
||||||
|
|
||||||
$this->assertEquals(200, $response->getStatus());
|
$this->assertEquals(200, $response->getStatus());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testAnonymousOptionsNonRootSubDir() {
|
||||||
|
$response = $this->sendRequest('OPTIONS', 'foo/bar');
|
||||||
|
|
||||||
|
$this->assertEquals(401, $response->getStatus());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class SapiMock extends Sapi {
|
class SapiMock extends Sapi {
|
||||||
|
|
Loading…
Reference in New Issue