summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2020-04-27 10:38:32 +0200
committerGitHub <noreply@github.com>2020-04-27 10:38:32 +0200
commit3c5c4caa4da7fee700ba683bb75e3b8aa7c1b190 (patch)
tree95c080fd3d4c7e7e3cd8990b9ff33adb45cf780b
parent8f532105f9a813634dd7a4f88d2c4703c56f8454 (diff)
parentd7161b4eee996554607d0d06da399cd299d8df52 (diff)
downloadnextcloud-server-3c5c4caa4da7fee700ba683bb75e3b8aa7c1b190.tar.gz
nextcloud-server-3c5c4caa4da7fee700ba683bb75e3b8aa7c1b190.zip
Merge pull request #20632 from nextcloud/bugfix/20624
Only catch anonymous OPTIONS for Office
-rw-r--r--apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php4
-rw-r--r--apps/dav/tests/unit/DAV/AnonymousOptionsTest.php22
2 files changed, 22 insertions, 4 deletions
diff --git a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
index 63e57735972..e209f7f1af6 100644
--- a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
@@ -67,9 +67,9 @@ class AnonymousOptionsPlugin extends ServerPlugin {
$emptyAuth = $request->getHeader('Authorization') === null
|| $request->getHeader('Authorization') === ''
|| trim($request->getHeader('Authorization')) === 'Bearer';
- $isAnonymousOption = $request->getMethod() === 'OPTIONS' && $emptyAuth;
+ $isAnonymousOfficeOption = $request->getMethod() === 'OPTIONS' && $isOffice && $emptyAuth;
$isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $emptyAuth;
- if ($isAnonymousOption || $isOfficeHead) {
+ if ($isAnonymousOfficeOption || $isOfficeHead) {
/** @var CorePlugin $corePlugin */
$corePlugin = $this->server->getPlugin('core');
// setup a fake tree for anonymous access
diff --git a/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php b/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
index 6aabb4845fe..c8940533ab0 100644
--- a/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
+++ b/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
@@ -53,18 +53,36 @@ class AnonymousOptionsTest extends TestCase {
public function testAnonymousOptionsRoot() {
$response = $this->sendRequest('OPTIONS', '');
- $this->assertEquals(200, $response->getStatus());
+ $this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsNonRoot() {
$response = $this->sendRequest('OPTIONS', 'foo');
- $this->assertEquals(200, $response->getStatus());
+ $this->assertEquals(401, $response->getStatus());
}
public function testAnonymousOptionsNonRootSubDir() {
$response = $this->sendRequest('OPTIONS', 'foo/bar');
+ $this->assertEquals(401, $response->getStatus());
+ }
+
+ public function testAnonymousOptionsRootOffice() {
+ $response = $this->sendRequest('OPTIONS', '', 'Microsoft Office does strange things');
+
+ $this->assertEquals(200, $response->getStatus());
+ }
+
+ public function testAnonymousOptionsNonRootOffice() {
+ $response = $this->sendRequest('OPTIONS', 'foo', 'Microsoft Office does strange things');
+
+ $this->assertEquals(200, $response->getStatus());
+ }
+
+ public function testAnonymousOptionsNonRootSubDirOffice() {
+ $response = $this->sendRequest('OPTIONS', 'foo/bar', 'Microsoft Office does strange things');
+
$this->assertEquals(200, $response->getStatus());
}