Refactor OC_Request into TrustedDomainHelper and IRequest

This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969

1 files changed, 75 insertions, 0 deletions

diff --git a/lib/private/security/trusteddomainhelper.php b/lib/private/security/trusteddomainhelper.php
new file mode 100644
index 00000000000..593263897be
--- /dev/null
+++ b/lib/private/security/trusteddomainhelper.php
@@ -0,0 +1,75 @@
+<?php
+/**
+ * Copyright (c) 2015 Lukas Reschke <lukas@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OC\Security;
+use OC\AppFramework\Http\Request;
+use OCP\IConfig;
+
+/**
+ * Class TrustedDomain
+ *
+ * @package OC\Security
+ */
+class TrustedDomainHelper {
+	/** @var IConfig */
+	private $config;
+
+	/**
+	 * @param IConfig $config
+	 */
+	function __construct(IConfig $config) {
+		$this->config = $config;
+	}
+
+	/**
+	 * Strips a potential port from a domain (in format domain:port)
+	 * @param $host
+	 * @return string $host without appended port
+	 */
+	private function getDomainWithoutPort($host) {
+		$pos = strrpos($host, ':');
+		if ($pos !== false) {
+			$port = substr($host, $pos + 1);
+			if (is_numeric($port)) {
+				$host = substr($host, 0, $pos);
+			}
+		}
+		return $host;
+	}
+
+	/**
+	 * Checks whether a domain is considered as trusted from the list
+	 * of trusted domains. If no trusted domains have been configured, returns
+	 * true.
+	 * This is used to prevent Host Header Poisoning.
+	 * @param string $domainWithPort
+	 * @return bool true if the given domain is trusted or if no trusted domains
+	 * have been configured
+	 */
+	public function isTrustedDomain($domainWithPort) {
+		$domain = $this->getDomainWithoutPort($domainWithPort);
+
+		// Read trusted domains from config
+		$trustedList = $this->config->getSystemValue('trusted_domains', []);
+		if(!is_array($trustedList)) {
+			return false;
+		}
+
+		// TODO: Workaround for older instances still with port applied. Remove for ownCloud 9.
+		if(in_array($domainWithPort, $trustedList)) {
+			return true;
+		}
+
+		// Always allow access from localhost
+		if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
+			return true;
+		}
+		return in_array($domain, $trustedList);
+	}
+
+}