diff options
| author | Julius Härtl <jus@bitgrid.net> | 2019-08-14 09:27:20 +0200 |
|---|---|---|
| committer | Julius Härtl <jus@bitgrid.net> | 2019-08-14 10:15:45 +0200 |
| commit | fea04ef2df39209e84c50a77bd7a24ffc3ab26bb (patch) | |
| tree | fe38ea1d6f7f86edff3276bc184581477350d95c | |
| parent | d60bd936410c7b022dfc2b95a30c0276dc8dfdb3 (diff) | |
| download | nextcloud-server-fea04ef2df39209e84c50a77bd7a24ffc3ab26bb.tar.gz nextcloud-server-fea04ef2df39209e84c50a77bd7a24ffc3ab26bb.zip | |
Return proper responses when office is requesting OPTIONS/HEAD with empty Bearer header
Signed-off-by: Julius Härtl <jus@bitgrid.net>
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php index 67c1a9a5118..63a5da96b73 100644 --- a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php +++ b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php @@ -57,7 +57,10 @@ class AnonymousOptionsPlugin extends ServerPlugin { * @return bool */ public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) { - if ($request->getHeader('Authorization') === null && $request->getMethod() === 'OPTIONS' && $this->isRequestInRoot($request->getPath())) { + $isOffice = preg_match('/Microsoft Office/i', $request->getHeader('User-Agent')); + $isAnonymousOption = ($request->getMethod() === 'OPTIONS' && ($request->getHeader('Authorization') === null || trim($request->getHeader('Authorization')) === 'Bearer') && $this->isRequestInRoot($request->getPath())); + $isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $request->getHeader('Authorization') === 'Bearer'; + if ($isAnonymousOption || $isOfficeHead) { /** @var CorePlugin $corePlugin */ $corePlugin = $this->server->getPlugin('core'); // setup a fake tree for anonymous access |