Merge pull request #4873 from nextcloud/check-whether-REQUEST-exists
Check whether the $_SERVER['REQUEST_*'] vars exist before using them
This commit is contained in:
commit
8c5062794f
|
@ -124,9 +124,11 @@ class TwoFactorMiddleware extends Middleware {
|
||||||
|
|
||||||
public function afterException($controller, $methodName, Exception $exception) {
|
public function afterException($controller, $methodName, Exception $exception) {
|
||||||
if ($exception instanceof TwoFactorAuthRequiredException) {
|
if ($exception instanceof TwoFactorAuthRequiredException) {
|
||||||
return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', [
|
$params = [];
|
||||||
'redirect_url' => urlencode($this->request->server['REQUEST_URI']),
|
if (isset($this->request->server['REQUEST_URI'])) {
|
||||||
]));
|
$params['redirect_url'] = $this->request->server['REQUEST_URI'];
|
||||||
|
}
|
||||||
|
return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', $params));
|
||||||
}
|
}
|
||||||
if ($exception instanceof UserAlreadyLoggedInException) {
|
if ($exception instanceof UserAlreadyLoggedInException) {
|
||||||
return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
|
return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
|
||||||
|
|
|
@ -132,7 +132,7 @@ class OC {
|
||||||
|
|
||||||
OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
|
OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
|
||||||
/**
|
/**
|
||||||
* FIXME: The following lines are required because we can't yet instantiiate
|
* FIXME: The following lines are required because we can't yet instantiate
|
||||||
* \OC::$server->getRequest() since \OC::$server does not yet exist.
|
* \OC::$server->getRequest() since \OC::$server does not yet exist.
|
||||||
*/
|
*/
|
||||||
$params = [
|
$params = [
|
||||||
|
@ -174,7 +174,7 @@ class OC {
|
||||||
|
|
||||||
// Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
|
// Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
|
||||||
// slash which is required by URL generation.
|
// slash which is required by URL generation.
|
||||||
if($_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
|
if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
|
||||||
substr($_SERVER['REQUEST_URI'], -1) !== '/') {
|
substr($_SERVER['REQUEST_URI'], -1) !== '/') {
|
||||||
header('Location: '.\OC::$WEBROOT.'/');
|
header('Location: '.\OC::$WEBROOT.'/');
|
||||||
exit();
|
exit();
|
||||||
|
@ -1008,7 +1008,7 @@ class OC {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Handle WebDAV
|
// Handle WebDAV
|
||||||
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
|
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'PROPFIND') {
|
||||||
// not allowed any more to prevent people
|
// not allowed any more to prevent people
|
||||||
// mounting this root directly.
|
// mounting this root directly.
|
||||||
// Users need to mount remote.php/webdav instead.
|
// Users need to mount remote.php/webdav instead.
|
||||||
|
|
|
@ -246,12 +246,11 @@ class SecurityMiddleware extends Middleware {
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
if($exception instanceof NotLoggedInException) {
|
if($exception instanceof NotLoggedInException) {
|
||||||
$url = $this->urlGenerator->linkToRoute(
|
$params = [];
|
||||||
'core.login.showLoginForm',
|
if (isset($this->request->server['REQUEST_URI'])) {
|
||||||
[
|
$params['redirect_url'] = $this->request->server['REQUEST_URI'];
|
||||||
'redirect_url' => $this->request->server['REQUEST_URI'],
|
}
|
||||||
]
|
$url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
|
||||||
);
|
|
||||||
$response = new RedirectResponse($url);
|
$response = new RedirectResponse($url);
|
||||||
} else {
|
} else {
|
||||||
$response = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest');
|
$response = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest');
|
||||||
|
|
|
@ -75,7 +75,7 @@ class Router implements IRouter {
|
||||||
if(!(\OC::$server->getConfig()->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true')) {
|
if(!(\OC::$server->getConfig()->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true')) {
|
||||||
$baseUrl = \OC::$server->getURLGenerator()->linkTo('', 'index.php');
|
$baseUrl = \OC::$server->getURLGenerator()->linkTo('', 'index.php');
|
||||||
}
|
}
|
||||||
if (!\OC::$CLI) {
|
if (!\OC::$CLI && isset($_SERVER['REQUEST_METHOD'])) {
|
||||||
$method = $_SERVER['REQUEST_METHOD'];
|
$method = $_SERVER['REQUEST_METHOD'];
|
||||||
} else {
|
} else {
|
||||||
$method = 'GET';
|
$method = 'GET';
|
||||||
|
|
Loading…
Reference in New Issue