diff options
| author | Joas Schilling <coding@schilljs.com> | 2021-10-26 13:26:46 +0200 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2021-10-28 10:24:16 +0200 |
| commit | c42f5bc5f666290b99a1662b9048d3163bee0be9 (patch) | |
| tree | 52a7152703a8df66acada84adb223845d4389917 /lib/private/Security | |
| parent | d231d2618de78b87cbc3916109652f0432fee607 (diff) | |
| download | nextcloud-server-c42f5bc5f666290b99a1662b9048d3163bee0be9.tar.gz nextcloud-server-c42f5bc5f666290b99a1662b9048d3163bee0be9.zip | |
Add an OCP for trusted domain helper
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/private/Security')
| -rw-r--r-- | lib/private/Security/TrustedDomainHelper.php | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php index 49f4194d77f..175e4cbd356 100644 --- a/lib/private/Security/TrustedDomainHelper.php +++ b/lib/private/Security/TrustedDomainHelper.php @@ -31,13 +31,9 @@ namespace OC\Security; use OC\AppFramework\Http\Request; use OCP\IConfig; +use OCP\Security\ITrustedDomainHelper; -/** - * Class TrustedDomain - * - * @package OC\Security - */ -class TrustedDomainHelper { +class TrustedDomainHelper implements ITrustedDomainHelper { /** @var IConfig */ private $config; @@ -65,13 +61,23 @@ class TrustedDomainHelper { } /** - * Checks whether a domain is considered as trusted from the list - * of trusted domains. If no trusted domains have been configured, returns - * true. - * This is used to prevent Host Header Poisoning. - * @param string $domainWithPort - * @return bool true if the given domain is trusted or if no trusted domains - * have been configured + * {@inheritDoc} + */ + public function isTrustedUrl(string $url): bool { + $parsedUrl = parse_url($url); + if (empty($parsedUrl['host'])) { + return false; + } + + if (isset($parsedUrl['port']) && $parsedUrl['port']) { + return $this->isTrustedDomain($parsedUrl['host'] . ':' . $parsedUrl['port']); + } + + return $this->isTrustedDomain($parsedUrl['host']); + } + + /** + * {@inheritDoc} */ public function isTrustedDomain(string $domainWithPort): bool { // overwritehost is always trusted |