From 69f343055271ca9d85386104069576d34ae42200 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Mon, 9 Jan 2017 12:52:43 +0100 Subject: [PATCH] Allow access to CSS resources Fixes https://github.com/nextcloud/server/issues/2984 Signed-off-by: Lukas Reschke --- lib/base.php | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/lib/base.php b/lib/base.php index 4a9158eff64..0fc34b3d9b9 100644 --- a/lib/base.php +++ b/lib/base.php @@ -791,23 +791,31 @@ class OC { && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host) && self::$server->getConfig()->getSystemValue('installed', false) ) { - header('HTTP/1.1 400 Bad Request'); - header('Status: 400 Bad Request'); + // Allow access to CSS resources + $isScssRequest = false; + if(strpos($request->getPathInfo(), '/css/') === 0) { + $isScssRequest = true; + } + + if (!$isScssRequest) { + header('HTTP/1.1 400 Bad Request'); + header('Status: 400 Bad Request'); - \OC::$server->getLogger()->warning( + \OC::$server->getLogger()->warning( 'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.', [ 'app' => 'core', 'remoteAddress' => $request->getRemoteAddress(), 'host' => $host, ] - ); + ); - $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); - $tmpl->assign('domain', $host); - $tmpl->printPage(); + $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); + $tmpl->assign('domain', $host); + $tmpl->printPage(); - exit(); + exit(); + } } \OC::$server->getEventLogger()->end('boot'); } -- 2.39.5