From 786007c78cb8f585284a749df3164c1de6447d83 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Thu, 13 Nov 2014 11:15:47 +0100 Subject: [PATCH] Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. --- config/config.sample.php | 2 +- lib/base.php | 8 +------- lib/private/request.php | 17 +++++++++++++++-- tests/lib/request.php | 8 ++++++-- 4 files changed, 23 insertions(+), 12 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index a7f92d93615..11c7a44b1ec 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -65,7 +65,7 @@ $CONFIG = array( 'trusted_domains' => array ( 'demo.example.org', - 'otherdomain.example.org:8080', + 'otherdomain.example.org', ), diff --git a/lib/base.php b/lib/base.php index 4cd9203248e..27b12339b24 100644 --- a/lib/base.php +++ b/lib/base.php @@ -573,14 +573,8 @@ class OC { header('HTTP/1.1 400 Bad Request'); header('Status: 400 Bad Request'); - $domain = $_SERVER['SERVER_NAME']; - // Append port to domain in case it is not - if($_SERVER['SERVER_PORT'] !== '80' && $_SERVER['SERVER_PORT'] !== '443') { - $domain .= ':'.$_SERVER['SERVER_PORT']; - } - $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); - $tmpl->assign('domain', $domain); + $tmpl->assign('domain', $_SERVER['SERVER_NAME']); $tmpl->printPage(); exit(); diff --git a/lib/private/request.php b/lib/private/request.php index 221a21a258f..b9b23776088 100644 --- a/lib/private/request.php +++ b/lib/private/request.php 
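Review bot: The error page in lib/base.php now reports `$_SERVER['SERVER_NAME']`, which is not necessarily the host value that failed the trust check; that check sits outside this hunk, so this is inferred. Depending on the web server configuration, SERVER_NAME is either the configured virtual-host name or a copy of the client's Host header. In the first case the administrator may be shown a name that differs from the one to add to `trusted_domains`; in the second the value is client-supplied text that the template has to escape. Passing the same port-stripped host that was checked would keep the message and the check in agreement; at minimum a comment such as `// SERVER_NAME may differ from the Host header that was rejected` belongs above the assign.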
@@ -13,7 +13,7 @@ class OC_Request { const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#'; const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#'; - const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)(:[0-9]+|)$/'; + const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)$/'; /** * Check overwrite condition @@ -36,13 +36,26 @@ class OC_Request { * have been configured */ public static function isTrustedDomain($domain) { - $trustedList = \OC_Config::getValue('trusted_domains', array()); + // Extract port from domain if needed + $pos = strrpos($domain, ':'); + if ($pos !== false) { + $port = substr($domain, $pos + 1); + if (is_numeric($port)) { + $domain = substr($domain, 0, $pos); + } + } + + // FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8. + $trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array()); if (empty($trustedList)) { return true; } + + // Always allow access from localhost if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) { return true; } + return in_array($domain, $trustedList); } diff --git a/tests/lib/request.php b/tests/lib/request.php index bff84e1b03f..07b6d4cc89b 100644 --- a/tests/lib/request.php +++ b/tests/lib/request.php @@ -208,7 +208,7 @@ class Test_Request extends PHPUnit_Framework_TestCase { } public function trustedDomainDataProvider() { - $trustedHostTestList = array('host.one.test:8080', 'host.two.test:8080'); + $trustedHostTestList = array('host.one.test', 'host.two.test', '[1fff:0:a88:85a3::ac1f]'); return array( // empty defaults to true array(null, 'host.one.test:8080', true), 
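Review bot: REGEX_LOCALHOST no longer tolerates a port, so it is only correct for callers that strip the port first, as isTrustedDomain does in the next hunk, and nothing on the constant says so. A one-line comment such as `// Matched against a host whose port has already been removed` would stop a later caller from passing a raw host value and silently losing the exemption. The pattern is also matched against the host name in the request rather than the peer address, so the comment added in the next hunk, "Always allow access from localhost", would read more accurately as `// Always accept requests addressed to localhost`. The IPv6 loopback `[::1]` is not covered, although the tests in this commit add a bracketed IPv6 literal to the trust list; it is worth stating whether that is intended.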
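Review bot: `is_numeric($port)` in the added port-stripping block of isTrustedDomain accepts more than a decimal port: `1e3`, `-1`, `+80` and `.5` all pass, so a value such as `host.two.test:1e3` has its suffix removed and is then trusted. `$domain` is presumably derived from the request's Host header, so the test should accept digits only, `if (ctype_digit($port)) {`. The final lookup should also be strict, `return in_array($domain, $trustedList, true);`, because a loose comparison treats numeric-looking strings such as `1e3` and `1000` as equal. The data provider in tests/lib/request.php has no row for a non-digit numeric port; a row like `array($trustedHostTestList, 'host.two.test:1e3', false),` would fail against the code as written. The class body continues outside the hunk.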
@@ -217,8 +217,12 @@ class Test_Request extends PHPUnit_Framework_TestCase { // trust list when defined array($trustedHostTestList, 'host.two.test:8080', true), - array($trustedHostTestList, 'host.two.test:9999', false), + array($trustedHostTestList, 'host.two.test:9999', true), array($trustedHostTestList, 'host.three.test:8080', false), + array($trustedHostTestList, 'host.two.test:8080:aa:222', false), + array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]', true), + array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801', true), + array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801:34', false), // trust localhost regardless of trust list array($trustedHostTestList, 'localhost', true), -- 2.39.5