From cebf9f6a5a2d75ea682f109486ada3d5558fb6a2 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Mon, 16 Feb 2015 22:12:47 +0100 Subject: [PATCH] Incorporate review changes --- lib/base.php | 3 +-- lib/private/appframework/http/request.php | 12 ++++++------ lib/private/server.php | 14 +++++++++++++- 3 files changed, 20 insertions(+), 9 deletions(-) diff --git a/lib/base.php b/lib/base.php index 5905aa0406..cdc662c28d 100644 --- a/lib/base.php +++ b/lib/base.php @@ -626,7 +626,6 @@ class OC { return; } - $trustedDomainHelper = new \OC\Security\TrustedDomainHelper(\OC::$server->getConfig()); $request = \OC::$server->getRequest(); $host = $request->getInsecureServerHost(); /** @@ -637,7 +636,7 @@ class OC { // overwritehost is always trusted, workaround to not have to make // \OC\AppFramework\Http\Request::getOverwriteHost public && self::$server->getConfig()->getSystemValue('overwritehost') === '' - && !$trustedDomainHelper->isTrustedDomain($host) + && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host) ) { header('HTTP/1.1 400 Bad Request'); header('Status: 400 Bad Request'); diff --git a/lib/private/appframework/http/request.php b/lib/private/appframework/http/request.php index 5cffbccb62..d85bfd4f30 100644 --- a/lib/private/appframework/http/request.php +++ b/lib/private/appframework/http/request.php @@ -128,9 +128,9 @@ class Request implements \ArrayAccess, \Countable, IRequest { } /** - * @param $parameters + * @param array $parameters */ - public function setUrlParameters($parameters) { + public function setUrlParameters(array $parameters) { $this->items['urlParams'] = $parameters; $this->items['parameters'] = array_merge( $this->items['parameters'], @@ -195,8 +195,8 @@ class Request implements \ArrayAccess, \Countable, IRequest { /** * Magic property accessors - * @param $name - * @param $value + * @param string $name + * @param mixed $value */ public function __set($name, $value) { throw new \RuntimeException('You cannot change the contents of the request object'); @@ -253,7 +253,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { } /** - * @param $name + * @param string $name * @return bool */ public function __isset($name) { @@ -261,7 +261,7 @@ class Request implements \ArrayAccess, \Countable, IRequest { } /** - * @param $id + * @param string $id */ public function __unset($id) { throw new \RunTimeException('You cannot change the contents of the request object'); diff --git a/lib/private/server.php b/lib/private/server.php index 9422f332eb..7c7f3c25cc 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -17,6 +17,7 @@ use OC\Security\Crypto; use OC\Security\Hasher; use OC\Security\SecureRandom; use OC\Diagnostics\NullEventLogger; +use OC\Security\TrustedDomainHelper; use OCP\IServerContainer; use OCP\ISession; use OC\Tagging\TagMapper; @@ -260,6 +261,9 @@ class Server extends SimpleContainer implements IServerContainer { $this->registerService('IniWrapper', function ($c) { return new IniGetWrapper(); }); + $this->registerService('TrustedDomainHelper', function ($c) { + return new TrustedDomainHelper($this->getConfig()); + }); } /** @@ -324,7 +328,6 @@ class Server extends SimpleContainer implements IServerContainer { ); } - /** * Returns the preview manager which can create preview images for a given file * @@ -743,4 +746,13 @@ class Server extends SimpleContainer implements IServerContainer { public function getIniWrapper() { return $this->query('IniWrapper'); } + + /** + * Get the trusted domain helper + * + * @return TrustedDomainHelper + */ + public function getTrustedDomainHelper() { + return $this->query('TrustedDomainHelper'); + } }