Merge pull request #10889 from owncloud/moveTrustedDomainCheck
Move trusted domain check to init()
This commit is contained in:
commit
f5951b2254
30
lib/base.php
30
lib/base.php
|
@ -583,6 +583,21 @@ class OC {
|
||||||
);
|
);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$host = OC_Request::insecureServerHost();
|
||||||
|
// if the host passed in headers isn't trusted
|
||||||
|
if (!OC::$CLI
|
||||||
|
// overwritehost is always trusted
|
||||||
|
&& OC_Request::getOverwriteHost() === null
|
||||||
|
&& !OC_Request::isTrustedDomain($host)
|
||||||
|
) {
|
||||||
|
header('HTTP/1.1 400 Bad Request');
|
||||||
|
header('Status: 400 Bad Request');
|
||||||
|
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
|
||||||
|
$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
|
||||||
|
$tmpl->printPage();
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private static function registerLocalAddressBook() {
|
private static function registerLocalAddressBook() {
|
||||||
|
@ -683,21 +698,6 @@ class OC {
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
||||||
$host = OC_Request::insecureServerHost();
|
|
||||||
// if the host passed in headers isn't trusted
|
|
||||||
if (!OC::$CLI
|
|
||||||
// overwritehost is always trusted
|
|
||||||
&& OC_Request::getOverwriteHost() === null
|
|
||||||
&& !OC_Request::isTrustedDomain($host)
|
|
||||||
) {
|
|
||||||
header('HTTP/1.1 400 Bad Request');
|
|
||||||
header('Status: 400 Bad Request');
|
|
||||||
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
|
|
||||||
$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
|
|
||||||
$tmpl->printPage();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$request = OC_Request::getPathInfo();
|
$request = OC_Request::getPathInfo();
|
||||||
if (substr($request, -3) !== '.js') { // we need these files during the upgrade
|
if (substr($request, -3) !== '.js') { // we need these files during the upgrade
|
||||||
self::checkMaintenanceMode();
|
self::checkMaintenanceMode();
|
||||||
|
|
Loading…
Reference in New Issue