This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain)
Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975.
'trusted_domains' =>
array (
'demo.example.org',
- 'otherdomain.example.org:8080',
+ 'otherdomain.example.org',
),
header('HTTP/1.1 400 Bad Request');
header('Status: 400 Bad Request');
- $domain = $_SERVER['SERVER_NAME'];
- // Append port to domain in case it is not
- if($_SERVER['SERVER_PORT'] !== '80' && $_SERVER['SERVER_PORT'] !== '443') {
- $domain .= ':'.$_SERVER['SERVER_PORT'];
- }
-
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
- $tmpl->assign('domain', $domain);
+ $tmpl->assign('domain', $_SERVER['SERVER_NAME']);
$tmpl->printPage();
exit();
const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
- const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)(:[0-9]+|)$/';
+ const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)$/';
/**
* Check overwrite condition
* have been configured
*/
public static function isTrustedDomain($domain) {
- $trustedList = \OC_Config::getValue('trusted_domains', array());
+ // Extract port from domain if needed
+ $pos = strrpos($domain, ':');
+ if ($pos !== false) {
+ $port = substr($domain, $pos + 1);
+ if (is_numeric($port)) {
+ $domain = substr($domain, 0, $pos);
+ }
+ }
+
+ // FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8.
+ $trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
if (empty($trustedList)) {
return true;
}
+
+ // Always allow access from localhost
if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
return true;
}
+
return in_array($domain, $trustedList);
}
}
public function trustedDomainDataProvider() {
- $trustedHostTestList = array('host.one.test:8080', 'host.two.test:8080');
+ $trustedHostTestList = array('host.one.test', 'host.two.test', '[1fff:0:a88:85a3::ac1f]');
return array(
// empty defaults to true
array(null, 'host.one.test:8080', true),
// trust list when defined
array($trustedHostTestList, 'host.two.test:8080', true),
- array($trustedHostTestList, 'host.two.test:9999', false),
+ array($trustedHostTestList, 'host.two.test:9999', true),
array($trustedHostTestList, 'host.three.test:8080', false),
+ array($trustedHostTestList, 'host.two.test:8080:aa:222', false),
+ array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]', true),
+ array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801', true),
+ array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801:34', false),
// trust localhost regardless of trust list
array($trustedHostTestList, 'localhost', true),
projects / nextcloud-server.git / commitdiff