nextcloud

Commit Graph

Author	SHA1	Message	Date
Lukas Reschke	dc6789fd5b	Explicitly check for port The setup uses `\OCP\IRequest::getInsecureServerHost` which in some cases can also include a port. This makes the trusted domain check fail thus. I've decided to add this here that way because adjusting the setup would require parsing the host properly. This is not something that can be done very good in PHP. Check the following example for why `parse_url` is not our friend: https://3v4l.org/k501Z	2016-03-10 22:32:29 +01:00
Lukas Reschke	8289943a0f	Do not trust casting	2015-12-08 08:50:00 +01:00
Lukas Reschke	886bda5f81	Refactor OC_Request into TrustedDomainHelper and IRequest This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed. This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions. Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though. Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969	2015-02-16 22:13:00 +01:00

Author

SHA1

Message

Date

Lukas Reschke

dc6789fd5b

Explicitly check for port

The setup uses `\OCP\IRequest::getInsecureServerHost` which in some cases can also include a port. This makes the trusted domain check fail thus.

I've decided to add this here that way because adjusting the setup would require parsing the host properly. This is not something that can be done very good in PHP. Check the following example for why `parse_url` is not our friend: https://3v4l.org/k501Z

2016-03-10 22:32:29 +01:00

Lukas Reschke

8289943a0f

Do not trust casting

2015-12-08 08:50:00 +01:00

Lukas Reschke

886bda5f81

Refactor OC_Request into TrustedDomainHelper and IRequest

This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969

2015-02-16 22:13:00 +01:00

3 Commits