more reliable host detection for reverse proxy servers
This commit is contained in:
parent
564b0358f9
commit
e3031ae28b
12
lib/base.php
12
lib/base.php
|
@ -367,16 +367,18 @@ class OC{
|
||||||
|
|
||||||
// CSRF protection
|
// CSRF protection
|
||||||
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
|
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
|
||||||
$protocol=OC_Helper::serverProtocol().'://';
|
$refererhost=parse_url($referer);
|
||||||
|
if(isset($refererhost['host'])) $refererhost=$refererhost['host']; else $refererhost='';
|
||||||
|
$server=OC_Helper::serverHost();
|
||||||
|
$serverhost=parse_url($server);
|
||||||
|
if(isset($serverhost['host'])) $serverhost=$serverhost['host']; else $serverhost='';
|
||||||
if(!self::$CLI){
|
if(!self::$CLI){
|
||||||
$server=$protocol.OC_Helper::serverHost();
|
if(($_SERVER['REQUEST_METHOD']=='POST') and ($refererhost<>$serverhost)) {
|
||||||
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
|
$url = OC_Helper::serverProtocol().'://'.$server.OC::$WEBROOT.'/index.php';
|
||||||
$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';
|
|
||||||
header("Location: $url");
|
header("Location: $url");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
self::initSession();
|
self::initSession();
|
||||||
self::initTemplateEngine();
|
self::initTemplateEngine();
|
||||||
self::checkUpgrade();
|
self::checkUpgrade();
|
||||||
|
|
|
@ -120,7 +120,7 @@ class OC_Helper {
|
||||||
*/
|
*/
|
||||||
public static function linkToAbsolute( $app, $file ) {
|
public static function linkToAbsolute( $app, $file ) {
|
||||||
$urlLinkTo = self::linkTo( $app, $file );
|
$urlLinkTo = self::linkTo( $app, $file );
|
||||||
$urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
|
$urlLinkTo = self::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
|
||||||
return $urlLinkTo;
|
return $urlLinkTo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue