diff --git a/.htaccess b/.htaccess index adc6667d5b..73e1af6213 100644 --- a/.htaccess +++ b/.htaccess @@ -19,5 +19,6 @@ RewriteRule ^.well-known/carddav /remote/carddav.php [R] RewriteRule ^.well-known/caldav /remote/caldav.php [R] RewriteRule ^apps/([^/]*)/(.*\.(css|php))$ index.php?app=$1&getfile=$2 [QSA,L] +RewriteRule ^remote/(.*) remote.php [QSA,L] Options -Indexes diff --git a/3rdparty/Sabre/DAV/Server.php b/3rdparty/Sabre/DAV/Server.php index 4284c127b6..50b190e8fa 100644 --- a/3rdparty/Sabre/DAV/Server.php +++ b/3rdparty/Sabre/DAV/Server.php @@ -215,7 +215,7 @@ class Sabre_DAV_Server { $DOM->appendChild($error); $error->appendChild($DOM->createElement('s:exception',get_class($e))); - $error->appendChild($DOM->createElement('s:message',$e->getMessage())); + $error->appendChild($DOM->createElement('s:message',htmlentities($e->getMessage()))); if ($this->debugExceptions) { $error->appendChild($DOM->createElement('s:file',$e->getFile())); $error->appendChild($DOM->createElement('s:line',$e->getLine())); diff --git a/apps/files/appinfo/remote.php b/apps/files/appinfo/remote.php index 6d54a4baed..0f618c391a 100644 --- a/apps/files/appinfo/remote.php +++ b/apps/files/appinfo/remote.php @@ -37,7 +37,7 @@ $publicDir = new OC_Connector_Sabre_Directory(''); // Fire up server $server = new Sabre_DAV_Server($publicDir); -$server->setBaseUri(OC::$WEBROOT.'/remote/webdav.php'); +$server->setBaseUri($baseuri); // Load plugins $server->addPlugin(new Sabre_DAV_Auth_Plugin($authBackend,'ownCloud')); diff --git a/remote.php b/remote.php index e11b72ee8c..ab5364aad6 100644 --- a/remote.php +++ b/remote.php @@ -2,11 +2,15 @@ $RUNTIME_NOSETUPFS = true; //$RUNTIME_NOAPPS = TRUE; require_once('lib/base.php'); -$file = OCP\CONFIG::getAppValue('core', $_GET['service']); +$path_info = $_SERVER['PATH_INFO']; +if (!$pos = strpos($path_info, '/', 1)) { + $pos = strlen($path_info); +} +$service=substr($path_info, 1, $pos-1); +$file = OCP\CONFIG::getAppValue('core', $service); if(is_null($file)){ header('HTTP/1.0 404 Not Found'); exit; } -$baseuri = OC::$WEBROOT . '/remote.php?service=' . $_GET['service'] . '&p='; -parse_str($_GET['p'], $_GET); -require_once(OC::$APPSROOT . $file); \ No newline at end of file +$baseuri = '/remote.php/'.$service.'/'; +require_once(OC::$APPSROOT . $file);