From: Thomas Müller Date: Mon, 25 Nov 2013 13:21:51 +0000 (+0100) Subject: handle duplicate slashes in case of reverse proxy configuration X-Git-Tag: v5.0.14~16^2~3 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=411a78b509d037d4d70ab308af0d924664a44fd9;p=nextcloud-server.git handle duplicate slashes in case of reverse proxy configuration Conflicts: tests/lib/request.php --- diff --git a/lib/request.php b/lib/request.php index df33217f95d..dbdd21fbf7b 100755 --- a/lib/request.php +++ b/lib/request.php @@ -135,7 +135,10 @@ class OC_Request { * @returns string Path info or false when not found */ public static function getRawPathInfo() { - $path_info = substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME'])); + $requestUri = $_SERVER['REQUEST_URI']; + // remove too many leading slashes - can be caused by reverse proxy configuration + $requestUri = '/' . ltrim($requestUri, '/'); + $path_info = substr($requestUri, strlen($_SERVER['SCRIPT_NAME'])); // Remove the query string from REQUEST_URI if ($pos = strpos($path_info, '?')) { $path_info = substr($path_info, 0, $pos); diff --git a/tests/lib/request.php b/tests/lib/request.php new file mode 100644 index 00000000000..d7ccb2146d4 --- /dev/null +++ b/tests/lib/request.php @@ -0,0 +1,46 @@ + + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +class Test_Request extends PHPUnit_Framework_TestCase { + + public function setUp() { + OC_Config::setValue('overwritewebroot', '/domain.tld/ownCloud'); + } + + public function tearDown() { + OC_Config::setValue('overwritewebroot', ''); + } + + public function testScriptNameOverWrite() { + $_SERVER['REMOTE_ADDR'] = '10.0.0.1'; + $_SERVER["SCRIPT_FILENAME"] = __FILE__; + + $scriptName = OC_Request::scriptName(); + $this->assertEquals('/domain.tld/ownCloud/tests/lib/request.php', $scriptName); + } + + /** + * @dataProvider rawPathInfoProvider + * @param $expected + * @param $requestUri + * @param $scriptName + */ + public function testRawPathInfo($expected, $requestUri, $scriptName) { + $_SERVER['REQUEST_URI'] = $requestUri; + $_SERVER['SCRIPT_NAME'] = $scriptName; + $rawPathInfo = OC_Request::getRawPathInfo(); + $this->assertEquals($expected, $rawPathInfo); + } + + function rawPathInfoProvider() { + return array( + array('/core/ajax/translations.php', '/index.php/core/ajax/translations.php', '/index.php'), + array('/core/ajax/translations.php', '//index.php/core/ajax/translations.php', '/index.php'), + ); + } +}