diff options
| author | Stanimir Bozhilov <stanimir@audriga.com> | 2022-09-21 16:36:01 +0200 |
|---|---|---|
| committer | Stanimir Bozhilov <stanimir@audriga.com> | 2022-09-21 16:36:01 +0200 |
| commit | f286a9d6ac6423011eb5e513e761e61b47571bff (patch) | |
| tree | 6aecc87b07e43c7d5613adf31970b19373fdb3bb /lib/private/AppFramework | |
| parent | 0ace70488a02d7ee11cc3ae722c2e7f43f431d1e (diff) | |
| download | nextcloud-server-f286a9d6ac6423011eb5e513e761e61b47571bff.tar.gz nextcloud-server-f286a9d6ac6423011eb5e513e761e61b47571bff.zip | |
Use regex for all JSON-related content types
Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
Diffstat (limited to 'lib/private/AppFramework')
| -rw-r--r-- | lib/private/AppFramework/Http/Request.php | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 59ee3edd0fe..b0392f11e09 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -107,6 +107,8 @@ class Request implements \ArrayAccess, \Countable, IRequest { /** @var bool */ protected $contentDecoded = false; + protected $jsonContentTypeRegex = '/application\/(\w+\+)?json/'; + /** * @param array $vars An associative array with the following optional values: * - array 'urlParams' the parameters which were matched from the URL @@ -404,13 +406,13 @@ class Request implements \ArrayAccess, \Countable, IRequest { && $this->getHeader('Content-Length') !== '0' && $this->getHeader('Content-Length') !== '' && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') === false - && strpos($this->getHeader('Content-Type'), 'application/json') === false - && strpos($this->getHeader('Content-Type'), 'application/scim+json') === false + && preg_match($this->jsonContentTypeRegex, $this->getHeader('Content-Type')) === 0 ) { if ($this->content === false) { throw new \LogicException( '"put" can only be accessed once if not ' - . 'application/x-www-form-urlencoded or application/json.' + . 'application/x-www-form-urlencoded, application/json ' + . 'or other content type, related to JSON (like application/scim+json).' ); } $this->content = false; @@ -430,9 +432,8 @@ class Request implements \ArrayAccess, \Countable, IRequest { } $params = []; - // 'application/json' and 'application/scim+json' must be decoded manually. - if (strpos($this->getHeader('Content-Type'), 'application/json') !== false - || strpos($this->getHeader('Content-Type'), 'application/scim+json') !== false) { + // 'application/json' and other JSON-related content types must be decoded manually. + if (preg_match($this->jsonContentTypeRegex, $this->getHeader('Content-Type')) === 1) { $params = json_decode(file_get_contents($this->inputStream), true); if ($params !== null && \count($params) > 0) { $this->items['params'] = $params; |