From 8534373f2fea5268112fb7dee0faa2caf1106d05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20H=C3=BClsmann?= <fh@cbix.de>
Date: Mon, 7 May 2012 11:15:24 +0200
Subject: [PATCH] better invalid webfinger URI handling

---
 apps/remoteStorage/appinfo/webfinger.php | 2 ++
 apps/user_webfinger/webfinger.php        | 4 ++++
 2 files changed, 6 insertions(+)

diff --git a/apps/remoteStorage/appinfo/webfinger.php b/apps/remoteStorage/appinfo/webfinger.php
index 7c0ab84605..6403d3a691 100644
--- a/apps/remoteStorage/appinfo/webfinger.php
+++ b/apps/remoteStorage/appinfo/webfinger.php
@@ -1,6 +1,8 @@
+<?php if(OC_User::userExists(WF_USER)) { ?>
     <Link
         rel="remoteStorage"
         template="<?php echo WF_BASEURL; ?>/apps/remoteStorage/WebDAV.php/<?php echo WF_USER; ?>/remoteStorage/{category}/"
         api="WebDAV"
         auth="<?php echo WF_BASEURL; ?>/apps/remoteStorage/auth.php/<?php echo WF_USER; ?>">
     </Link>
+<?php } ?>
diff --git a/apps/user_webfinger/webfinger.php b/apps/user_webfinger/webfinger.php
index bb7bb68f77..307a163001 100755
--- a/apps/user_webfinger/webfinger.php
+++ b/apps/user_webfinger/webfinger.php
@@ -51,12 +51,16 @@ if(isset($_SERVER['HTTPS'])) {
 	$baseAddress = 'http://';
 }
 $baseAddress .= $_SERVER['SERVER_NAME'].OC::$WEBROOT;
+if(empty($id)) {
+	header("HTTP/1.0 400 Bad Request");
+}
 define('WF_USER', $userName);
 define('WF_ID', $id);
 define('WF_BASEURL', $baseAddress);
 echo "<";
 ?>
 ?xml version="1.0" encoding="UTF-8"?>
+<?php if(empty($id)) echo '<!-- Invalid URI: ' . str_replace('>', '/>', $request) . " -->\n"; ?>
 <XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0" xmlns:hm="http://host-meta.net/xrd/1.0">
     <hm:Host xmlns="http://host-meta.net/xrd/1.0"><?php echo $_SERVER['SERVER_NAME']; ?></hm:Host>
     <Subject>acct:<?php echo $id ?></Subject>
-- 
GitLab