diff options
| author | Côme Chilliet <come.chilliet@nextcloud.com> | 2024-09-05 11:54:45 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2024-09-05 15:53:45 +0000 |
| commit | 48c807e667d28dfde56bce815be5489872d616d4 (patch) | |
| tree | a896685a79e551ea3a2fffa8e980e9d6089e3291 /apps/settings | |
| parent | e004fb7042601384012aa326190eaf506e67a785 (diff) | |
| download | nextcloud-server-48c807e667d28dfde56bce815be5489872d616d4.tar.gz nextcloud-server-48c807e667d28dfde56bce815be5489872d616d4.zip | |
fix(setupchecks): Test overwrite.cli url first, then generated one, and
trusted domains as last fallback.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'apps/settings')
| -rw-r--r-- | apps/settings/lib/SetupChecks/CheckServerResponseTrait.php | 46 |
1 files changed, 30 insertions, 16 deletions
diff --git a/apps/settings/lib/SetupChecks/CheckServerResponseTrait.php b/apps/settings/lib/SetupChecks/CheckServerResponseTrait.php index aed81a41ce5..a62fe236369 100644 --- a/apps/settings/lib/SetupChecks/CheckServerResponseTrait.php +++ b/apps/settings/lib/SetupChecks/CheckServerResponseTrait.php @@ -52,36 +52,49 @@ trait CheckServerResponseTrait { /** * Get all possible URLs that need to be checked for a local request test. + * This takes all `trusted_domains` and the CLI overwrite URL into account. * - * @param string $url The relative URL to test + * @param string $url The relative URL to test starting with a / * @return string[] List of possible absolute URLs */ protected function getTestUrls(string $url, bool $removeWebroot): array { $testUrls = []; - $webroot = $this->urlGenerator->getWebroot(); + $webroot = rtrim($this->urlGenerator->getWebroot(), '/'); - $baseUrl = $this->normalizeUrl( - $this->urlGenerator->getBaseUrl(), - $webroot, - $removeWebroot - ); + /* Try overwrite.cli.url first, it’s supposed to be how the server contacts itself */ + $cliUrl = $this->config->getSystemValueString('overwrite.cli.url', ''); - $testUrls[] = $baseUrl . $url; + if ($cliUrl !== '') { + $cliUrl = $this->normalizeUrl( + $cliUrl, + $webroot, + $removeWebroot + ); - $cliUrl = $this->config->getSystemValueString('overwrite.cli.url', ''); - if ($cliUrl === '') { - return $testUrls; + $testUrls[] = $cliUrl . $url; } - $cliUrl = $this->normalizeUrl( - $cliUrl, + /* Try URL generator second */ + $baseUrl = $this->normalizeUrl( + $this->urlGenerator->getBaseUrl(), $webroot, $removeWebroot ); - if ($cliUrl !== $baseUrl) { - $testUrls[] = $cliUrl . $url; + if ($baseUrl !== $cliUrl) { + $testUrls[] = $baseUrl . $url; + } + + /* Last resort: trusted domains */ + $hosts = $this->config->getSystemValue('trusted_domains', []); + foreach ($hosts as $host) { + if (str_contains($host, '*')) { + /* Ignore domains with a wildcard */ + continue; + } + $hosts[] = 'https://' . $host . $url; + $hosts[] = 'http://' . $host . $url; } return $testUrls; @@ -91,7 +104,8 @@ trait CheckServerResponseTrait { * Strip a trailing slash and remove the webroot if requested. */ protected function normalizeUrl(string $url, string $webroot, bool $removeWebroot): string { - if ($removeWebroot && str_contains($url, $webroot)) { + $url = rtrim($url, '/'); + if ($removeWebroot && str_ends_with($url, $webroot)) { $url = substr($url, -strlen($webroot)); } return rtrim($url, '/'); |