diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2015-06-22 12:28:07 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2015-06-22 12:28:07 +0200 |
| commit | 4d23e060971d195da0c23cb00da297e581b6cffd (patch) | |
| tree | e5ee9a9856647c6b1d158780e84cf0a48dbde4c9 | |
| parent | c77e44117d1cdb45a224e3f370acbb09f1b095dc (diff) | |
| download | nextcloud-server-4d23e060971d195da0c23cb00da297e581b6cffd.tar.gz nextcloud-server-4d23e060971d195da0c23cb00da297e581b6cffd.zip | |
Fix undefined offset
There are cases where no trusted host is specified such as when installing the instance, this lead to an undefined offset warning in the log right after installing. (when another domain than localhost or 127.0.0.1 was used)
| -rw-r--r-- | lib/private/appframework/http/request.php | 11 | ||||
| -rw-r--r-- | tests/lib/appframework/http/RequestTest.php | 93 |
2 files changed, 96 insertions, 8 deletions
diff --git a/lib/private/appframework/http/request.php b/lib/private/appframework/http/request.php index 2455209cdf3..f72ad7cc1d8 100644 --- a/lib/private/appframework/http/request.php +++ b/lib/private/appframework/http/request.php @@ -658,11 +658,6 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return string Server host */ public function getServerHost() { - // FIXME: Ugly workaround that we need to get rid of - if (\OC::$CLI && defined('PHPUNIT_RUN')) { - return 'localhost'; - } - // overwritehost is always trusted $host = $this->getOverwriteHost(); if ($host !== null) { @@ -680,7 +675,11 @@ class Request implements \ArrayAccess, \Countable, IRequest { return $host; } else { $trustedList = $this->config->getSystemValue('trusted_domains', []); - return $trustedList[0]; + if(!empty($trustedList)) { + return $trustedList[0]; + } else { + return ''; + } } } diff --git a/tests/lib/appframework/http/RequestTest.php b/tests/lib/appframework/http/RequestTest.php index a4bf3519bfc..de3430d757c 100644 --- a/tests/lib/appframework/http/RequestTest.php +++ b/tests/lib/appframework/http/RequestTest.php @@ -773,7 +773,23 @@ class RequestTest extends \Test\TestCase { $this->assertEquals('from.forwarded.host2:8080', $request->getInsecureServerHost()); } - public function testGetServerHost() { + public function testGetServerHostWithOverwriteHost() { + $this->config + ->expects($this->at(0)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('my.overwritten.host')); + $this->config + ->expects($this->at(1)) + ->method('getSystemValue') + ->with('overwritecondaddr') + ->will($this->returnValue('')); + $this->config + ->expects($this->at(2)) + ->method('getSystemValue') + ->with('overwritehost') + ->will($this->returnValue('my.overwritten.host')); + $request = new Request( [], $this->secureRandom, @@ -781,7 +797,80 @@ class RequestTest extends \Test\TestCase { $this->stream ); - $this->assertEquals('localhost', $request->getServerHost()); + $this->assertEquals('my.overwritten.host', $request->getServerHost()); + } + + public function testGetServerHostWithTrustedDomain() { + $this->config + ->expects($this->at(3)) + ->method('getSystemValue') + ->with('trusted_domains') + ->will($this->returnValue(['my.trusted.host'])); + + $request = new Request( + [ + 'server' => [ + 'HTTP_X_FORWARDED_HOST' => 'my.trusted.host', + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('my.trusted.host', $request->getServerHost()); + } + + public function testGetServerHostWithUntrustedDomain() { + $this->config + ->expects($this->at(3)) + ->method('getSystemValue') + ->with('trusted_domains') + ->will($this->returnValue(['my.trusted.host'])); + $this->config + ->expects($this->at(4)) + ->method('getSystemValue') + ->with('trusted_domains') + ->will($this->returnValue(['my.trusted.host'])); + + $request = new Request( + [ + 'server' => [ + 'HTTP_X_FORWARDED_HOST' => 'my.untrusted.host', + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('my.trusted.host', $request->getServerHost()); + } + + public function testGetServerHostWithNoTrustedDomain() { + $this->config + ->expects($this->at(3)) + ->method('getSystemValue') + ->with('trusted_domains') + ->will($this->returnValue([])); + $this->config + ->expects($this->at(4)) + ->method('getSystemValue') + ->with('trusted_domains') + ->will($this->returnValue([])); + + $request = new Request( + [ + 'server' => [ + 'HTTP_X_FORWARDED_HOST' => 'my.untrusted.host', + ], + ], + $this->secureRandom, + $this->config, + $this->stream + ); + + $this->assertEquals('', $request->getServerHost()); } public function testGetOverwriteHostDefaultNull() { |