mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Return proper responses when office is requesting OPTIONS/HEAD with empty Bearer header 

Signed-off-by: Julius Härtl <jus@bitgrid.net>
This commit is contained in:
Julius Härtl 2019-08-14 09:27:20 +02:00
parent d60bd93641
commit fea04ef2df
No known key found for this signature in database
GPG Key ID: 4C614C6ED2CDE6DF
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
View File

@ -57,7 +57,10 @@ class AnonymousOptionsPlugin extends ServerPlugin {
* @return bool
*/
public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) {
if ($request->getHeader('Authorization') === null && $request->getMethod() === 'OPTIONS' && $this->isRequestInRoot($request->getPath())) {
$isOffice = preg_match('/Microsoft Office/i', $request->getHeader('User-Agent'));
$isAnonymousOption = ($request->getMethod() === 'OPTIONS' && ($request->getHeader('Authorization') === null || trim($request->getHeader('Authorization')) === 'Bearer') && $this->isRequestInRoot($request->getPath()));
$isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $request->getHeader('Authorization') === 'Bearer';
if ($isAnonymousOption || $isOfficeHead) {
/** @var CorePlugin $corePlugin */
$corePlugin = $this->server->getPlugin('core');
// setup a fake tree for anonymous access