authorRoeland Jago Douma <rullzer@users.noreply.github.com>2020-02-05 20:08:49 +0100
committerGitHub <noreply@github.com>2020-02-05 20:08:49 +0100
commitbef906b518de70393c70c698a8a4dcf478951469 (patch)
treeb3b5de754f0ad87d4a82001d5361c2af28476842 /apps
parentf11e4c9ec44f4eeb25d921f7680e23024749358a (diff)
parent8fba05db965f188ff49705af5b55eef87373dd8d (diff)
downloadnextcloud-server-bef906b518de70393c70c698a8a4dcf478951469.tar.gz
nextcloud-server-bef906b518de70393c70c698a8a4dcf478951469.zip
Merge pull request #19180 from nextcloud/bugfix/office-anonymous-empty-auth
Check for empty authorization headers for office requests
Diffstat (limited to 'apps')
-rw-r--r--apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php7
-rw-r--r--apps/dav/tests/unit/DAV/AnonymousOptionsTest.php17
2 files changed, 20 insertions, 4 deletions
diff --git a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
index e222eb18857..e0aa19c50b3 100644
--- a/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
+++ b/apps/dav/lib/Connector/Sabre/AnonymousOptionsPlugin.php
@@ -62,8 +62,11 @@ class AnonymousOptionsPlugin extends ServerPlugin {
*/
public function handleAnonymousOptions(RequestInterface $request, ResponseInterface $response) {
$isOffice = preg_match('/Microsoft Office/i', $request->getHeader('User-Agent'));
- $isAnonymousOption = ($request->getMethod() === 'OPTIONS' && ($request->getHeader('Authorization') === null || trim($request->getHeader('Authorization')) === 'Bearer') && $this->isRequestInRoot($request->getPath()));
- $isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $request->getHeader('Authorization') === 'Bearer';
+ $emptyAuth = $request->getHeader('Authorization') === null
+ || $request->getHeader('Authorization') === ''
+ || trim($request->getHeader('Authorization')) === 'Bearer';
+ $isAnonymousOption = $request->getMethod() === 'OPTIONS' && $emptyAuth;
+ $isOfficeHead = $request->getMethod() === 'HEAD' && $isOffice && $emptyAuth;
if ($isAnonymousOption || $isOfficeHead) {
/** @var CorePlugin $corePlugin */
$corePlugin = $this->server->getPlugin('core');
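Review bot: The rewritten `$isAnonymousOption` no longer includes `$this->isRequestInRoot($request->getPath())`, so an OPTIONS request without credentials is now handled anonymously for every path, which the commit title does not mention. The updated test expecting 200 for `foo/bar` suggests this is intended; if so, record it above the assignment, e.g. `// Anonymous OPTIONS is answered for all paths; the reply must not depend on whether the path exists`, and check whether `isRequestInRoot()` still has a caller. The HEAD branch now also accepts a missing or empty Authorization header and is gated only on the client-supplied User-Agent, which is not an authentication signal, so the response built after this point should reveal nothing about the requested resource. The rest of `handleAnonymousOptions` lies outside the hunk, so what it actually returns cannot be confirmed from here.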
diff --git a/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php b/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
index a0abac0712a..a61c8e1e550 100644
--- a/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
+++ b/apps/dav/tests/unit/DAV/AnonymousOptionsTest.php
@@ -33,7 +33,7 @@ use Sabre\HTTP\Sapi;
use Test\TestCase;
class AnonymousOptionsTest extends TestCase {
- private function sendRequest($method, $path) {
+ private function sendRequest($method, $path, $userAgent = '') {
$server = new Server();
$server->addPlugin(new AnonymousOptionsPlugin());
$server->addPlugin(new Plugin(new BasicCallBack(function() {
@@ -42,6 +42,7 @@ class AnonymousOptionsTest extends TestCase {
$server->httpRequest->setMethod($method);
$server->httpRequest->setUrl($path);
+ $server->httpRequest->setHeader('User-Agent', $userAgent);
$server->sapi = new SapiMock();
$server->exec();
@@ -63,7 +64,19 @@ class AnonymousOptionsTest extends TestCase {
public function testAnonymousOptionsNonRootSubDir() {
$response = $this->sendRequest('OPTIONS', 'foo/bar');
- $this->assertEquals(401, $response->getStatus());
+ $this->assertEquals(200, $response->getStatus());
+ }
+
+ public function testAnonymousHead() {
+ $response = $this->sendRequest('HEAD', '', 'Microsoft Office does strange things');
+
+ $this->assertEquals(200, $response->getStatus());
+ }
+
+ public function testAnonymousHeadNoOffice() {
+ $response = $this->sendRequest('HEAD', '');
+
+ $this->assertEquals(401, $response->getStatus(), 'curl');
}
}
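Review bot: In `testAnonymousHeadNoOffice` the string `'curl'` is passed as the third argument of `assertEquals`, where it is only the failure message; it was probably meant as the user agent, i.e. `$response = $this->sendRequest('HEAD', '', 'curl');`. As written the test sends an empty User-Agent, so a non-Office agent string is never exercised. None of the tests sets an Authorization header, and the visible part of `sendRequest` has no parameter for one, so the `=== ''` and `'Bearer'` branches this commit adds are untested. A negative case is also missing: an Office User-Agent combined with a non-empty, invalid credential should still be expected to return 401. `sendRequest` continues outside the hunks shown.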