diff options
| author | Vincent Petry <pvince81@owncloud.com> | 2016-06-09 11:58:28 +0200 |
|---|---|---|
| committer | Vincent Petry <pvince81@owncloud.com> | 2016-06-09 11:58:28 +0200 |
| commit | 90c1ec1c49798232c0c1303ccbddacac536b5768 (patch) | |
| tree | c7541d23b30327be5d911f4a8701b4c241483bf3 /lib/private | |
| parent | 826e276a79c29314e4d8dc243031bf6cd718acdc (diff) | |
| parent | fb087a026167d0c0db4af9634657a52dfaf011de (diff) | |
| download | nextcloud-server-90c1ec1c49798232c0c1303ccbddacac536b5768.tar.gz nextcloud-server-90c1ec1c49798232c0c1303ccbddacac536b5768.zip | |
Merge pull request #25014 from owncloud/admin-datadircheck-fix
Use temporary htaccesstest.txt for data dir security check
Diffstat (limited to 'lib/private')
| -rw-r--r-- | lib/private/legacy/util.php | 37 |
1 files changed, 24 insertions, 13 deletions
diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index b744db21238..a863348566e 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -1128,19 +1128,8 @@ class OC_Util { return $encoded; } - /** - * Check if the .htaccess file is working - * @param \OCP\IConfig $config - * @return bool - * @throws Exception - * @throws \OC\HintException If the test file can't get written. - */ - public function isHtaccessWorking(\OCP\IConfig $config) { - - if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) { - return true; - } + public function createHtaccessTestFile(\OCP\IConfig $config) { // php dev server does not support htaccess if (php_sapi_name() === 'cli-server') { return false; @@ -1148,7 +1137,7 @@ class OC_Util { // testdata $fileName = '/htaccesstest.txt'; - $testContent = 'testcontent'; + $testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.'; // creating a test file $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName; @@ -1164,6 +1153,28 @@ class OC_Util { } fwrite($fp, $testContent); fclose($fp); + } + + /** + * Check if the .htaccess file is working + * @param \OCP\IConfig $config + * @return bool + * @throws Exception + * @throws \OC\HintException If the test file can't get written. + */ + public function isHtaccessWorking(\OCP\IConfig $config) { + + if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) { + return true; + } + + $testContent = $this->createHtaccessTestFile($config); + if ($testContent === false) { + return false; + } + + $fileName = '/htaccesstest.txt'; + $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName; // accessing the file via http $url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName); |