From b3515a98e98e1403a841f435cfcd5058053dd4e1 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Wed, 3 Dec 2014 21:13:27 +0100
Subject: [PATCH] Add workaround for older instances

To be removed with oCAdd workaround for older instances

To be removed with oC99
---
 lib/private/request.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/lib/private/request.php b/lib/private/request.php
index 794b566ce5..3c33dfc340 100644
--- a/lib/private/request.php
+++ b/lib/private/request.php
@@ -86,13 +86,13 @@ class OC_Request {
 	 * of trusted domains. If no trusted domains have been configured, returns
 	 * true.
 	 * This is used to prevent Host Header Poisoning.
-	 * @param string $domain
+	 * @param string $domainWithPort
 	 * @return bool true if the given domain is trusted or if no trusted domains
 	 * have been configured
 	 */
-	public static function isTrustedDomain($domain) {
+	public static function isTrustedDomain($domainWithPort) {
 		// Extract port from domain if needed
-		$domain = self::getDomainWithoutPort($domain);
+		$domain = self::getDomainWithoutPort($domainWithPort);
 
 		// FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8.
 		$trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
@@ -100,6 +100,11 @@ class OC_Request {
 			return true;
 		}
 
+		// FIXME: Workaround for older instances still with port applied. Remove for ownCloud 9.
+		if(in_array($domainWithPort, $trustedList)) {
+			return true;
+		}
+
 		// Always allow access from localhost
 		if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
 			return true;