diff options
| author | Vincent Petry <pvince81@owncloud.com> | 2016-07-13 10:40:33 +0200 |
|---|---|---|
| committer | Thomas Müller <DeepDiver1975@users.noreply.github.com> | 2016-07-13 10:40:33 +0200 |
| commit | 92f49fbb395f494a639d481461fa6739600193c2 (patch) | |
| tree | 9e5c242f1d06a5dfdee554a86d13449a4bae4046 /core | |
| parent | 3de4dfb2e57c2f87e23a288823853554da9790ff (diff) | |
| download | nextcloud-server-92f49fbb395f494a639d481461fa6739600193c2.tar.gz nextcloud-server-92f49fbb395f494a639d481461fa6739600193c2.zip | |
[stable9.1] Workaround to check htaccess in case of redirects (#25434)
* Workaround to check htaccess in case of redirects
In some setups, the web server will redirect any call to "data/" to the
main page. This causes the XHR to return the 200 HTTP status code and
the body contains the HTML page of the main page / files app.
This fix improves the htaccess failure detection by adding a known
string inside the test file "htaccesstest.txt". If we are able to find
this string, it means that the web server didn't block access to that
file.
* Fix setup check unit test (#25439)
Diffstat (limited to 'core')
| -rw-r--r-- | core/js/setupchecks.js | 2 | ||||
| -rw-r--r-- | core/js/tests/specs/setupchecksSpec.js | 14 |
2 files changed, 14 insertions, 2 deletions
diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js index 280c8d08c99..954eeab6d0c 100644 --- a/core/js/setupchecks.js +++ b/core/js/setupchecks.js @@ -198,7 +198,7 @@ } var afterCall = function(xhr) { var messages = []; - if (xhr.status !== 403 && xhr.status !== 307 && xhr.status !== 301 && xhr.responseText !== '') { + if (xhr.status !== 403 && xhr.status !== 307 && xhr.status !== 301 && xhr.responseText.indexOf('HTACCESSFAIL') >= 0) { messages.push({ msg: t('core', 'Your data directory and your files are probably accessible from the Internet. The .htaccess file is not working. We strongly suggest that you configure your web server in a way that the data directory is no longer accessible or you move the data directory outside the web server document root.'), type: OC.SetupChecks.MESSAGE_TYPE_ERROR diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js index 172e6e27135..5d34e4d50c9 100644 --- a/core/js/tests/specs/setupchecksSpec.js +++ b/core/js/tests/specs/setupchecksSpec.js @@ -103,7 +103,7 @@ describe('OC.SetupChecks tests', function() { it('should return an error if data directory is not protected', function(done) { var async = OC.SetupChecks.checkDataProtected(); - suite.server.requests[0].respond(200, {'Content-Type': 'text/plain'}, 'file contents'); + suite.server.requests[0].respond(200, {'Content-Type': 'text/plain'}, '*cough*HTACCESSFAIL*cough*'); async.done(function( data, s, x ){ expect(data).toEqual([ @@ -126,6 +126,18 @@ describe('OC.SetupChecks tests', function() { }); }); + it('should not return an error if data directory is protected and redirects to main page', function(done) { + var async = OC.SetupChecks.checkDataProtected(); + + suite.server.requests[0].respond(200, {'Content-Type': 'text/plain'}, '<html><body>blah</body></html>'); + + async.done(function( data, s, x ){ + expect(data).toEqual([]); + done(); + }); + }); + + it('should return an error if data directory is a boolean', function(done) { oc_dataURL = false; |