diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2021-02-13 14:58:26 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-13 14:58:26 +0100 |
| commit | ae4e47cbe733d4aa0c7fed0a7c9ba30b4514e660 (patch) | |
| tree | 112f824fd83ffeb31c81d8cd706773b03521bcf4 /apps/settings/lib/Controller/CheckSetupController.php | |
| parent | 5b43afd076aa25474456ee01cd077acebe7b4675 (diff) | |
| parent | 01118a2218e76d5fb89eb5eaeb101ce43632996f (diff) | |
| download | nextcloud-server-ae4e47cbe733d4aa0c7fed0a7c9ba30b4514e660.tar.gz nextcloud-server-ae4e47cbe733d4aa0c7fed0a7c9ba30b4514e660.zip | |
Merge pull request #25608 from nextcloud/trusted-proxy-check-correct-header
use the configured forwarded headers for the setup check
Diffstat (limited to 'apps/settings/lib/Controller/CheckSetupController.php')
| -rw-r--r-- | apps/settings/lib/Controller/CheckSetupController.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/apps/settings/lib/Controller/CheckSetupController.php b/apps/settings/lib/Controller/CheckSetupController.php index d732b137199..47a55591a46 100644 --- a/apps/settings/lib/Controller/CheckSetupController.php +++ b/apps/settings/lib/Controller/CheckSetupController.php @@ -309,7 +309,14 @@ class CheckSetupController extends Controller { $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); $remoteAddress = $this->request->getHeader('REMOTE_ADDR'); - if (empty($trustedProxies) && $this->request->getHeader('X-Forwarded-Host') !== '') { + $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [ + 'HTTP_X_FORWARDED_FOR' + ]); + $hasForwardedHeaderSet = array_reduce($forwardedForHeaders, function($set, $header) { + return $set || ($this->request->getHeader($header) !== ''); + }, false); + + if (empty($trustedProxies) && $hasForwardedHeaderSet) { return false; } |