Merge pull request #21025 from owncloud/remove-legacy-trusted-domain-support
Remove legacy repair steps + do not cast trusted domains
This commit is contained in:
Thomas Müller
commit
ae2287e255
|
|
@ -40,7 +40,6 @@ use OC\Repair\SqliteAutoincrement;
|
|||
use OC\Repair\DropOldTables;
|
||||
use OC\Repair\FillETags;
|
||||
use OC\Repair\InnoDB;
|
||||
use OC\Repair\RepairConfig;
|
||||
use OC\Repair\RepairLegacyStorages;
|
||||
use OC\Repair\RepairMimeTypes;
|
||||
use OC\Repair\SearchLuceneTables;
|
||||
|
|
@ -107,7 +106,6 @@ class Repair extends BasicEmitter {
|
|||
return [
|
||||
new RepairMimeTypes(\OC::$server->getConfig()),
|
||||
new RepairLegacyStorages(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection()),
|
||||
new RepairConfig(),
|
||||
new AssetCache(),
|
||||
new FillETags(\OC::$server->getDatabaseConnection()),
|
||||
new CleanTags(\OC::$server->getDatabaseConnection()),
|
||||
|
|
@ -138,13 +136,12 @@ class Repair extends BasicEmitter {
|
|||
* @return array of RepairStep instances
|
||||
*/
|
||||
public static function getBeforeUpgradeRepairSteps() {
|
||||
$steps = array(
|
||||
$steps = [
|
||||
new InnoDB(),
|
||||
new Collation(\OC::$server->getConfig(), \OC_DB::getConnection()),
|
||||
new SqliteAutoincrement(\OC_DB::getConnection()),
|
||||
new SearchLuceneTables(),
|
||||
new RepairConfig()
|
||||
);
|
||||
];
|
||||
|
||||
//There is no need to delete all previews on every single update
|
||||
//only 7.0.0 through 7.0.2 generated broken previews
|
||||
|
|
|
|||
|
|
@ -74,16 +74,11 @@ class TrustedDomainHelper {
|
|||
return false;
|
||||
}
|
||||
|
||||
// TODO: Workaround for older instances still with port applied. Remove for ownCloud 9.
|
||||
if(in_array($domainWithPort, $trustedList)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Always allow access from localhost
|
||||
if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
|
||||
return true;
|
||||
}
|
||||
return in_array($domain, $trustedList);
|
||||
return in_array($domain, $trustedList, true);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,80 +0,0 @@
|
|||
<?php
|
||||
/**
|
||||
* @author Lukas Reschke <lukas@owncloud.com>
|
||||
* @author Morris Jobke <hey@morrisjobke.de>
|
||||
*
|
||||
* @copyright Copyright (c) 2015, ownCloud, Inc.
|
||||
* @license AGPL-3.0
|
||||
*
|
||||
* This code is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License, version 3,
|
||||
* as published by the Free Software Foundation.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
*
|
||||
*/
|
||||
|
||||
namespace OC\Repair;
|
||||
|
||||
use OC\Hooks\BasicEmitter;
|
||||
use OC\RepairStep;
|
||||
use Sabre\DAV\Exception;
|
||||
|
||||
/**
|
||||
* Class RepairConfig
|
||||
*
|
||||
* @package OC\Repair
|
||||
*/
|
||||
class RepairConfig extends BasicEmitter implements RepairStep {
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function getName() {
|
||||
return 'Repair config';
|
||||
}
|
||||
|
||||
/**
|
||||
* Updates the configuration after running an update
|
||||
*/
|
||||
public function run() {
|
||||
$this->addSecret();
|
||||
$this->removePortsFromTrustedDomains();
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds a secret to config.php
|
||||
*/
|
||||
private function addSecret() {
|
||||
if(\OC::$server->getConfig()->getSystemValue('secret', null) === null) {
|
||||
$secret = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(48);
|
||||
\OC::$server->getConfig()->setSystemValue('secret', $secret);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Remove ports from existing trusted domains in config.php
|
||||
*/
|
||||
private function removePortsFromTrustedDomains() {
|
||||
$trustedDomains = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
|
||||
$newTrustedDomains = array();
|
||||
foreach($trustedDomains as $domain) {
|
||||
$pos = strrpos($domain, ':');
|
||||
if ($pos !== false) {
|
||||
$port = substr($domain, $pos + 1);
|
||||
if (is_numeric($port)) {
|
||||
$domain = substr($domain, 0, $pos);
|
||||
}
|
||||
}
|
||||
$newTrustedDomains[] = $domain;
|
||||
}
|
||||
\OC::$server->getConfig()->setSystemValue('trusted_domains', $newTrustedDomains);
|
||||
}
|
||||
}
|
||||
|
|
@ -64,6 +64,8 @@ class TrustedDomainHelperTest extends \Test\TestCase {
|
|||
// do not trust invalid localhosts
|
||||
[$trustedHostTestList, 'localhost:1:2', false],
|
||||
[$trustedHostTestList, 'localhost: evil.host', false],
|
||||
// do not trust casting
|
||||
[[1], '1', false],
|
||||
];
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue