in case uri and script name don't match we better throw an exception

lib/private/request.php

@@ -138,8 +138,16 @@ class OC_Request {
 	public static function getRawPathInfo() {
 		$requestUri = $_SERVER['REQUEST_URI'];
 		// remove too many leading slashes - can be caused by reverse proxy configuration
-		$requestUri = '/' . ltrim($requestUri, '/');
-		$path_info = substr($requestUri, strlen($_SERVER['SCRIPT_NAME']));
+		if (strpos($requestUri, '/') === 0) {
+			$requestUri = '/' . ltrim($requestUri, '/');
+		}
+
+		$scriptName = $_SERVER['SCRIPT_NAME'];
+		// in case uri and script name don't match we better throw an exception
+		if (strpos($requestUri, $scriptName) !== 0) {
+			throw new Exception("REQUEST_URI($requestUri) does not start with the SCRIPT_NAME($scriptName)");
+		}
+		$path_info = substr($requestUri, strlen($scriptName));
 		// Remove the query string from REQUEST_URI
 		if ($pos = strpos($path_info, '?')) {
 			$path_info = substr($path_info, 0, $pos);

tests/lib/request.php

@@ -39,8 +39,30 @@ class Test_Request extends PHPUnit_Framework_TestCase {
 
 	function rawPathInfoProvider() {
 		return array(
+			array('/core/ajax/translations.php', 'index.php/core/ajax/translations.php', 'index.php'),
 			array('/core/ajax/translations.php', '/index.php/core/ajax/translations.php', '/index.php'),
 			array('/core/ajax/translations.php', '//index.php/core/ajax/translations.php', '/index.php'),
 		);
 	}
+
+	/**
+	 * @dataProvider rawPathInfoThrowsExceptionProvider
+	 * @expectedException Exception
+	 *
+	 * @param $requestUri
+	 * @param $scriptName
+	 */
+	public function testRawPathInfoThrowsException($requestUri, $scriptName) {
+		$_SERVER['REQUEST_URI'] = $requestUri;
+		$_SERVER['SCRIPT_NAME'] = $scriptName;
+		OC_Request::getRawPathInfo();
+	}
+
+	function rawPathInfoThrowsExceptionProvider() {
+		return array(
+			array('core/ajax/translations.php', '/index.php'),
+			array('/core/ajax/translations.php', '/index.php'),
+			array('//core/ajax/translations.php', '/index.php'),
+		);
+	}
 }