Commit 6a08fca3 authored by Vincent Petry's avatar Vincent Petry
Browse files

Merge pull request #12253 from owncloud/port-12154

Port 12154
parents 10d0883d 260a084d
......@@ -71,7 +71,7 @@ $CONFIG = array(
'trusted_domains' =>
array (
'demo.example.org',
'otherdomain.example.org:8080',
'otherdomain.example.org',
),
......
......@@ -613,14 +613,8 @@ class OC {
header('HTTP/1.1 400 Bad Request');
header('Status: 400 Bad Request');
$domain = $_SERVER['SERVER_NAME'];
// Append port to domain in case it is not
if($_SERVER['SERVER_PORT'] !== '80' && $_SERVER['SERVER_PORT'] !== '443') {
$domain .= ':'.$_SERVER['SERVER_PORT'];
}
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
$tmpl->assign('domain', $domain);
$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
$tmpl->printPage();
exit();
......
......@@ -93,7 +93,8 @@ class Repair extends BasicEmitter {
$steps = array(
new InnoDB(),
new Collation(\OC::$server->getConfig(), \OC_DB::getConnection()),
new SearchLuceneTables()
new SearchLuceneTables(),
new RepairConfig()
);
//There is no need to delete all previews on every single update
......
......@@ -12,8 +12,7 @@ class OC_Request {
// Android Chrome user agent: https://developers.google.com/chrome/mobile/docs/user-agent
const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)(:[0-9]+|)$/';
const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)$/';
static protected $reqId;
/**
......@@ -76,13 +75,26 @@ class OC_Request {
* have been configured
*/
public static function isTrustedDomain($domain) {
$trustedList = \OC_Config::getValue('trusted_domains', array());
// Extract port from domain if needed
$pos = strrpos($domain, ':');
if ($pos !== false) {
$port = substr($domain, $pos + 1);
if (is_numeric($port)) {
$domain = substr($domain, 0, $pos);
}
}
// FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8.
$trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
if (empty($trustedList)) {
return true;
}
// Always allow access from localhost
if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
return true;
}
return in_array($domain, $trustedList);
}
......
......@@ -12,8 +12,16 @@ use OC\Hooks\BasicEmitter;
use OC\RepairStep;
use Sabre\DAV\Exception;
/**
* Class RepairConfig
*
* @package OC\Repair
*/
class RepairConfig extends BasicEmitter implements RepairStep {
/**
* @return string
*/
public function getName() {
return 'Repair config';
}
......@@ -23,6 +31,7 @@ class RepairConfig extends BasicEmitter implements RepairStep {
*/
public function run() {
$this->addSecret();
$this->removePortsFromTrustedDomains();
}
/**
......@@ -34,4 +43,24 @@ class RepairConfig extends BasicEmitter implements RepairStep {
\OC::$server->getConfig()->setSystemValue('secret', $secret);
}
}
/**
* Remove ports from existing trusted domains in config.php
*/
private function removePortsFromTrustedDomains() {
$trustedDomains = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
$newTrustedDomains = array();
foreach($trustedDomains as $domain) {
$pos = strrpos($domain, ':');
if ($pos !== false) {
$port = substr($domain, $pos + 1);
if (is_numeric($port)) {
$domain = substr($domain, 0, $pos);
}
}
$newTrustedDomains[] = $domain;
}
\OC::$server->getConfig()->setSystemValue('trusted_domains', $newTrustedDomains);
}
}
......@@ -240,7 +240,7 @@ class Test_Request extends PHPUnit_Framework_TestCase {
}
public function trustedDomainDataProvider() {
$trustedHostTestList = array('host.one.test:8080', 'host.two.test:8080');
$trustedHostTestList = array('host.one.test', 'host.two.test', '[1fff:0:a88:85a3::ac1f]');
return array(
// empty defaults to true
array(null, 'host.one.test:8080', true),
......@@ -249,8 +249,12 @@ class Test_Request extends PHPUnit_Framework_TestCase {
// trust list when defined
array($trustedHostTestList, 'host.two.test:8080', true),
array($trustedHostTestList, 'host.two.test:9999', false),
array($trustedHostTestList, 'host.two.test:9999', true),
array($trustedHostTestList, 'host.three.test:8080', false),
array($trustedHostTestList, 'host.two.test:8080:aa:222', false),
array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]', true),
array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801', true),
array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801:34', false),
// trust localhost regardless of trust list
array($trustedHostTestList, 'localhost', true),
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment