Merge branch 'master' into load-apps-proper-master

Conflicts: apps/files/ajax/rawlist.php cron.php ocs/v1.php
author: Thomas Müller <thomas.mueller@tmit.eu> 2014-03-21 14:05:08 +0100
committer: Thomas Müller <thomas.mueller@tmit.eu> 2014-03-21 14:05:08 +0100
commit: 6ff96b34ad0462ad05c34633ccd08236b93bf195 (patch)
tree: 1acd7eb869d512b5a3fc9502961a98591ea20cfa /lib/private/request.php
parent: e139f7c863d5971a6386070148496cb0f70ad04e (diff)
parent: 37af74efb3e3511b2d6eacef67dc90f22a685bd3 (diff)
download: nextcloud-server-6ff96b34ad0462ad05c34633ccd08236b93bf195.tar.gz
nextcloud-server-6ff96b34ad0462ad05c34633ccd08236b93bf195.zip
1 files changed, 92 insertions, 57 deletions
diff --git a/lib/private/request.php b/lib/private/request.php
index d9d5ae08e28..8041c4f0048 100755
--- a/lib/private/request.php
+++ b/lib/private/request.php
@@ -11,6 +11,9 @@ class OC_Request {
 	const USER_AGENT_IE = '/MSIE/';
 	// Android Chrome user agent: https://developers.google.com/chrome/mobile/docs/user-agent
 	const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
+	const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
+
+	const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)(:[0-9]+|)$/';
 
 	/**
 	 * @brief Check overwrite condition
@@ -24,39 +27,97 @@ class OC_Request {
 	}
 
 	/**
-	 * @brief Returns the server host
+	 * @brief Checks whether a domain is considered as trusted from the list
+	 * of trusted domains. If no trusted domains have been configured, returns
+	 * true.
+	 * This is used to prevent Host Header Poisoning.
+	 * @param string $host
+	 * @return bool true if the given domain is trusted or if no trusted domains
+	 * have been configured
+	 */
+	public static function isTrustedDomain($domain) {
+		$trustedList = \OC_Config::getValue('trusted_domains', array());
+		if (empty($trustedList)) {
+			return true;
+		}
+		if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
+			return true;
+		}
+		return in_array($domain, $trustedList);
+	}
+
+	/**
+	 * @brief Returns the unverified server host from the headers without checking
+	 * whether it is a trusted domain
 	 * @returns string the server host
 	 *
 	 * Returns the server host, even if the website uses one or more
 	 * reverse proxies
 	 */
-	public static function serverHost() {
-		if(OC::$CLI) {
-			return 'localhost';
-		}
-		if(OC_Config::getValue('overwritehost', '') !== '' and self::isOverwriteCondition()) {
-			return OC_Config::getValue('overwritehost');
-		}
+	public static function insecureServerHost() {
+		$host = null;
 		if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
 			if (strpos($_SERVER['HTTP_X_FORWARDED_HOST'], ",") !== false) {
-				$host = trim(array_pop(explode(",", $_SERVER['HTTP_X_FORWARDED_HOST'])));
-			}
-			else{
-				$host=$_SERVER['HTTP_X_FORWARDED_HOST'];
+				$parts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
+				$host = trim(current($parts));
+			} else {
+				$host = $_SERVER['HTTP_X_FORWARDED_HOST'];
 			}
-		}
-		else{
+		} else {
 			if (isset($_SERVER['HTTP_HOST'])) {
-				return $_SERVER['HTTP_HOST'];
-			}
-			if (isset($_SERVER['SERVER_NAME'])) {
-				return $_SERVER['SERVER_NAME'];
+				$host = $_SERVER['HTTP_HOST'];
+			} else if (isset($_SERVER['SERVER_NAME'])) {
+				$host = $_SERVER['SERVER_NAME'];
 			}
-			return 'localhost';
 		}
 		return $host;
 	}
 
+	/**
+	 * Returns the overwritehost setting from the config if set and
+	 * if the overwrite condition is met
+	 * @return overwritehost value or null if not defined or the defined condition
+	 * isn't met
+	 */
+	public static function getOverwriteHost() {
+		if(OC_Config::getValue('overwritehost', '') !== '' and self::isOverwriteCondition()) {
+			return OC_Config::getValue('overwritehost');
+		}
+		return null;
+	}
+
+	/**
+	 * @brief Returns the server host from the headers, or the first configured
+	 * trusted domain if the host isn't in the trusted list
+	 * @returns string the server host
+	 *
+	 * Returns the server host, even if the website uses one or more
+	 * reverse proxies
+	 */
+	public static function serverHost() {
+		if(OC::$CLI) {
+			return 'localhost';
+		}
+
+		// overwritehost is always trusted
+		$host = self::getOverwriteHost();
+		if ($host !== null) {
+			return $host;
+		}
+
+		// get the host from the headers
+		$host = self::insecureServerHost();
+
+		// Verify that the host is a trusted domain if the trusted domains
+		// are defined
+		// If no trusted domain is provided the first trusted domain is returned
+		if (self::isTrustedDomain($host)) {
+			return $host;
+		} else {
+			$trustedList = \OC_Config::getValue('trusted_domains', array(''));
+			return $trustedList[0];
+		}
+	}
 
 	/**
 	* @brief Returns the server protocol
@@ -70,14 +131,14 @@ class OC_Request {
 		}
 		if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
 			$proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
-		}else{
-			if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) {
-				$proto = 'https';
-			}else{
-				$proto = 'http';
-			}
+			// Verify that the protocol is always HTTP or HTTPS
+			// default to http if an invalid value is provided
+			return $proto === 'https' ? 'https' : 'http';
+		}
+		if (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
+			return 'https';
 		}
-		return $proto;
+		return 'http';
 	}
 
 	/**
@@ -86,6 +147,7 @@ class OC_Request {
 	 *
 	 * Returns the request uri, even if the website uses one or more
 	 * reverse proxies
+	 * @return string
 	 */
 	public static function requestUri() {
 		$uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
@@ -97,7 +159,7 @@ class OC_Request {
 
 	/**
 	 * @brief Returns the script name
-	 * @returns string the script name
+	 * @return string the script name
 	 *
 	 * Returns the script name, even if the website uses one or more
 	 * reverse proxies
@@ -114,7 +176,7 @@ class OC_Request {
 
 	/**
 	 * @brief get Path info from request
-	 * @returns string Path info or false when not found
+	 * @return string Path info or false when not found
 	 */
 	public static function getPathInfo() {
 		if (array_key_exists('PATH_INFO', $_SERVER)) {
@@ -138,7 +200,7 @@ class OC_Request {
 
 	/**
 	 * @brief get Path info from request, not urldecoded
-	 * @returns string Path info or false when not found
+	 * @return string Path info or false when not found
 	 */
 	public static function getRawPathInfo() {
 		$requestUri = $_SERVER['REQUEST_URI'];
@@ -178,35 +240,8 @@ class OC_Request {
 	}
 
 	/**
-	 * @brief Check if this is a no-cache request
-	 * @returns boolean true for no-cache
-	 */
-	static public function isNoCache() {
-		if (!isset($_SERVER['HTTP_CACHE_CONTROL'])) {
-			return false;
-		}
-		return $_SERVER['HTTP_CACHE_CONTROL'] == 'no-cache';
-	}
-
-	/**
-	 * @brief Check if the requestor understands gzip
-	 * @returns boolean true for gzip encoding supported
-	 */
-	static public function acceptGZip() {
-		if (!isset($_SERVER['HTTP_ACCEPT_ENCODING'])) {
-			return false;
-		}
-		$HTTP_ACCEPT_ENCODING = $_SERVER["HTTP_ACCEPT_ENCODING"];
-		if( strpos($HTTP_ACCEPT_ENCODING, 'x-gzip') !== false )
-			return 'x-gzip';
-		else if( strpos($HTTP_ACCEPT_ENCODING, 'gzip') !== false )
-			return 'gzip';
-		return false;
-	}
-
-	/**
 	 * @brief Check if the requester sent along an mtime
-	 * @returns false or an mtime
+	 * @return false or an mtime
 	 */
 	static public function hasModificationTime () {
 		if (isset($_SERVER['HTTP_X_OC_MTIME'])) {
author	Thomas Müller <thomas.mueller@tmit.eu>	2014-03-21 14:05:08 +0100
committer	Thomas Müller <thomas.mueller@tmit.eu>	2014-03-21 14:05:08 +0100
commit	6ff96b34ad0462ad05c34633ccd08236b93bf195 (patch)
tree	1acd7eb869d512b5a3fc9502961a98591ea20cfa /lib/private/request.php
parent	e139f7c863d5971a6386070148496cb0f70ad04e (diff)
parent	37af74efb3e3511b2d6eacef67dc90f22a685bd3 (diff)
download	nextcloud-server-6ff96b34ad0462ad05c34633ccd08236b93bf195.tar.gz nextcloud-server-6ff96b34ad0462ad05c34633ccd08236b93bf195.zip