diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-12-09 21:37:22 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-09 21:37:22 +0100 |
| commit | 72155009faec02b000d8d320e3fba9d1ca51076b (patch) | |
| tree | 1f10bceaaea089d5aa0b6255ec9f875b159bdb77 | |
| parent | 3e720942e58f99b038616d95e00a01ac9dd2f490 (diff) | |
| parent | d05f131929b8812cac1c1e08bf8098d6df03b191 (diff) | |
| download | nextcloud-server-72155009faec02b000d8d320e3fba9d1ca51076b.tar.gz nextcloud-server-72155009faec02b000d8d320e3fba9d1ca51076b.zip | |
Merge pull request #18184 from nextcloud/bugfix/noid/is-trusted-domain
Move overwritehost check to isTrustedDomain
| -rw-r--r-- | lib/base.php | 3 | ||||
| -rw-r--r-- | lib/private/Security/TrustedDomainHelper.php | 5 | ||||
| -rw-r--r-- | tests/lib/Security/TrustedDomainHelperTest.php | 17 |
3 files changed, 21 insertions, 4 deletions
diff --git a/lib/base.php b/lib/base.php index 436b2a2aeea..b0991307dda 100644 --- a/lib/base.php +++ b/lib/base.php @@ -760,9 +760,6 @@ class OC { * FIXME: Should not be in here at all :see_no_evil: */ if (!OC::$CLI - // overwritehost is always trusted, workaround to not have to make - // \OC\AppFramework\Http\Request::getOverwriteHost public - && self::$server->getConfig()->getSystemValue('overwritehost') === '' && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host) && self::$server->getConfig()->getSystemValue('installed', false) ) { diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php index 5cbc08d0fd3..dc6b10c92b3 100644 --- a/lib/private/Security/TrustedDomainHelper.php +++ b/lib/private/Security/TrustedDomainHelper.php @@ -70,6 +70,11 @@ class TrustedDomainHelper { * have been configured */ public function isTrustedDomain($domainWithPort) { + // overwritehost is always trusted + if ($this->config->getSystemValue('overwritehost') !== '') { + return true; + } + $domain = $this->getDomainWithoutPort($domainWithPort); // Read trusted domains from config diff --git a/tests/lib/Security/TrustedDomainHelperTest.php b/tests/lib/Security/TrustedDomainHelperTest.php index 26158401f79..f3ee14dead1 100644 --- a/tests/lib/Security/TrustedDomainHelperTest.php +++ b/tests/lib/Security/TrustedDomainHelperTest.php @@ -31,7 +31,11 @@ class TrustedDomainHelperTest extends \Test\TestCase { * @param bool $result */ public function testIsTrustedDomain($trustedDomains, $testDomain, $result) { - $this->config->expects($this->once()) + $this->config->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('')); + $this->config->expects($this->at(1)) ->method('getSystemValue') ->with('trusted_domains') ->will($this->returnValue($trustedDomains)); @@ -113,4 +117,15 @@ class TrustedDomainHelperTest extends \Test\TestCase { [$trustedHostTestList, 'LOWERCASE.DOMAIN', true], ]; } + + public function testIsTrustedDomainOverwriteHost() { + $this->config->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('myproxyhost')); + + $trustedDomainHelper = new TrustedDomainHelper($this->config); + $this->assertTrue($trustedDomainHelper->isTrustedDomain('myproxyhost')); + $this->assertTrue($trustedDomainHelper->isTrustedDomain('myotherhost')); + } } |