diff --git a/apps/settings/lib/Controller/CheckSetupController.php b/apps/settings/lib/Controller/CheckSetupController.php
index 1429fd5ed8..04711cf530 100644
--- a/apps/settings/lib/Controller/CheckSetupController.php
+++ b/apps/settings/lib/Controller/CheckSetupController.php
@@ -703,6 +703,7 @@ Raw output
'pendingBigIntConversionColumns' => $this->hasBigIntConversionPendingColumns(),
'isMysqlUsedWithoutUTF8MB4' => $this->isMysqlUsedWithoutUTF8MB4(),
'isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed' => $this->isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed(),
+ 'reverseProxyGeneratedURL' => $this->urlGenerator->getAbsoluteURL('index.php'),
]
);
}
diff --git a/apps/settings/tests/Controller/CheckSetupControllerTest.php b/apps/settings/tests/Controller/CheckSetupControllerTest.php
index 7740b2f427..93c7814389 100644
--- a/apps/settings/tests/Controller/CheckSetupControllerTest.php
+++ b/apps/settings/tests/Controller/CheckSetupControllerTest.php
@@ -426,14 +426,6 @@ class CheckSetupControllerTest extends TestCase {
$this->clientService->expects($this->exactly(4))
->method('newClient')
->will($this->returnValue($client));
- $this->urlGenerator->expects($this->at(0))
- ->method('linkToDocs')
- ->with('admin-performance')
- ->willReturn('http://docs.example.org/server/go.php?to=admin-performance');
- $this->urlGenerator->expects($this->at(1))
- ->method('linkToDocs')
- ->with('admin-security')
- ->willReturn('https://docs.example.org/server/8.1/admin_manual/configuration_server/hardening.html');
$this->checkSetupController
->expects($this->once())
->method('isPhpOutdated')
@@ -442,26 +434,6 @@ class CheckSetupControllerTest extends TestCase {
->expects($this->once())
->method('isOpcacheProperlySetup')
->willReturn(false);
- $this->urlGenerator->expects($this->at(2))
- ->method('linkToDocs')
- ->with('admin-reverse-proxy')
- ->willReturn('reverse-proxy-doc-link');
- $this->urlGenerator->expects($this->at(3))
- ->method('linkToDocs')
- ->with('admin-code-integrity')
- ->willReturn('http://docs.example.org/server/go.php?to=admin-code-integrity');
- $this->urlGenerator->expects($this->at(4))
- ->method('linkToDocs')
- ->with('admin-php-opcache')
- ->willReturn('http://docs.example.org/server/go.php?to=admin-php-opcache');
- $this->urlGenerator->expects($this->at(5))
- ->method('linkToDocs')
- ->with('admin-db-conversion')
- ->willReturn('http://docs.example.org/server/go.php?to=admin-db-conversion');
- $this->urlGenerator->expects($this->at(6))
- ->method('getAbsoluteURL')
- ->with('index.php/settings/admin')
- ->willReturn('https://server/index.php/settings/admin');
$this->checkSetupController
->method('hasFreeTypeSupport')
->willReturn(false);
@@ -540,6 +512,40 @@ class CheckSetupControllerTest extends TestCase {
->method('isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed')
->willReturn(true);
+ $this->urlGenerator->method('linkToDocs')
+ ->willReturnCallback(function(string $key): string {
+ if ($key === 'admin-performance') {
+ return 'http://docs.example.org/server/go.php?to=admin-performance';
+ }
+ if ($key === 'admin-security') {
+ return 'https://docs.example.org/server/8.1/admin_manual/configuration_server/hardening.html';
+ }
+ if ($key === 'admin-reverse-proxy') {
+ return 'reverse-proxy-doc-link';
+ }
+ if ($key === 'admin-code-integrity') {
+ return 'http://docs.example.org/server/go.php?to=admin-code-integrity';
+ }
+ if ($key === 'admin-php-opcache') {
+ return 'http://docs.example.org/server/go.php?to=admin-php-opcache';
+ }
+ if ($key === 'admin-db-conversion') {
+ return 'http://docs.example.org/server/go.php?to=admin-db-conversion';
+ }
+ return '';
+ });
+
+ $this->urlGenerator->method('getAbsoluteURL')
+ ->willReturnCallback(function(string $url): string {
+ if ($url === 'index.php/settings/admin') {
+ return 'https://server/index.php/settings/admin';
+ }
+ if ($url === 'index.php') {
+ return 'https://server/index.php';
+ }
+ return '';
+ });
+
$expected = new DataResponse(
[
'isGetenvServerWorking' => true,
@@ -585,6 +591,7 @@ class CheckSetupControllerTest extends TestCase {
'pendingBigIntConversionColumns' => [],
'isMysqlUsedWithoutUTF8MB4' => false,
'isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed' => true,
+ 'reverseProxyGeneratedURL' => 'https://server/index.php',
]
);
$this->assertEquals($expected, $this->checkSetupController->check());
diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index 33ba31f049..12d1104a63 100644
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -460,6 +460,18 @@
type: OC.SetupChecks.MESSAGE_TYPE_WARNING
})
}
+ if (window.location.protocol === 'http:' && data.reverseProxyGeneratedURL.split('/')[0] !== 'https:') {
+ messages.push({
+ msg: t(
+ 'core',
+ 'You are accessing your instance over a secure connection, however your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly. Please read the documentation page about this.',
+ {
+ docLink: data.reverseProxyDocs
+ }
+ ),
+ type: OC.SetupChecks.MESSAGE_TYPE_WARNING
+ })
+ }
} else {
messages.push({
diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js
index 86d4e47a81..5e93cbf7bd 100644
--- a/core/js/tests/specs/setupchecksSpec.js
+++ b/core/js/tests/specs/setupchecksSpec.js
@@ -249,7 +249,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -301,7 +302,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -354,7 +356,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -405,7 +408,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -454,7 +458,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -505,7 +510,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -554,7 +560,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -603,7 +610,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -652,7 +660,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -722,7 +731,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -772,7 +782,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -822,7 +833,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -872,7 +884,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -921,7 +934,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: true,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyGeneratedURL: 'https://server',
})
);
@@ -934,6 +948,57 @@ describe('OC.SetupChecks tests', function() {
});
});
+ it('should return an error if the protocol is https but the server generates http links', function(done) {
+ var async = OC.SetupChecks.checkSetup();
+
+ suite.server.requests[0].respond(
+ 200,
+ {
+ 'Content-Type': 'application/json',
+ },
+ JSON.stringify({
+ hasFileinfoInstalled: true,
+ isGetenvServerWorking: true,
+ isReadOnlyConfig: false,
+ hasWorkingFileLocking: true,
+ hasValidTransactionIsolationLevel: true,
+ suggestedOverwriteCliURL: '',
+ isRandomnessSecure: true,
+ securityDocs: 'https://docs.owncloud.org/myDocs.html',
+ serverHasInternetConnectionProblems: false,
+ isMemcacheConfigured: true,
+ forwardedForHeadersWorking: true,
+ isCorrectMemcachedPHPModuleInstalled: true,
+ hasPassedCodeIntegrityCheck: true,
+ isOpcacheProperlySetup: true,
+ hasOpcacheLoaded: true,
+ isSettimelimitAvailable: true,
+ hasFreeTypeSupport: true,
+ missingIndexes: [],
+ cronErrors: [],
+ cronInfo: {
+ diffInSeconds: 0
+ },
+ isMemoryLimitSufficient: true,
+ appDirsWithDifferentOwner: [],
+ recommendedPHPModules: [],
+ pendingBigIntConversionColumns: [],
+ isMysqlUsedWithoutUTF8MB4: false,
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: true,
+ reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html',
+ reverseProxyGeneratedURL: 'http://server',
+ })
+ );
+
+ async.done(function( data, s, x ){
+ expect(data).toEqual([{
+ msg: 'You are accessing your instance over a secure connection, however your instance is generating insecure URLs. This most likely means that you are behind a reverse proxy and the overwrite config variables are not set correctly. Please read the documentation page about this.',
+ type: OC.SetupChecks.MESSAGE_TYPE_WARNING
+ }]);
+ done();
+ });
+ });
+
it('should return an error if there is not enough free space in the temp directory', function(done) {
var async = OC.SetupChecks.checkSetup();
@@ -970,7 +1035,8 @@ describe('OC.SetupChecks tests', function() {
recommendedPHPModules: [],
pendingBigIntConversionColumns: [],
isMysqlUsedWithoutUTF8MB4: false,
- isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: false
+ isEnoughTempSpaceAvailableIfS3PrimaryStorageIsUsed: false,
+ reverseProxyGeneratedURL: 'https://server',
})
);