diff options
| author | Joas Schilling <coding@schilljs.com> | 2020-12-15 11:18:30 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2020-12-15 11:24:15 +0100 |
| commit | 329ffa257e1b91a544f0e2d98af4e2ebfbcc6283 (patch) | |
| tree | 215f786a4c3a9637865c3651809fd9193a59a43d /lib/public | |
| parent | 8506d0864b3a017baeed2ad5f9a032ae1d7a6734 (diff) | |
| download | nextcloud-server-329ffa257e1b91a544f0e2d98af4e2ebfbcc6283.tar.gz nextcloud-server-329ffa257e1b91a544f0e2d98af4e2ebfbcc6283.zip | |
Log an error when setting a custom header on "Not Modified" responses
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'lib/public')
| -rw-r--r-- | lib/public/AppFramework/Http/Response.php | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/lib/public/AppFramework/Http/Response.php b/lib/public/AppFramework/Http/Response.php index ff6b97f87b1..fc3ee739773 100644 --- a/lib/public/AppFramework/Http/Response.php +++ b/lib/public/AppFramework/Http/Response.php @@ -38,6 +38,8 @@ namespace OCP\AppFramework\Http; use OCP\AppFramework\Http; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\IConfig; +use Psr\Log\LoggerInterface; /** * Base class for responses. Also used to just send headers. @@ -203,6 +205,18 @@ class Response { // to be able to reliably check for security // headers + if ($this->status === Http::STATUS_NOT_MODIFIED + && stripos($name, 'x-') === 0) { + /** @var IConfig $config */ + $config = \OC::$server->get(IConfig::class); + + if ($config->getSystemValueBool('debug', false)) { + \OC::$server->get(LoggerInterface::class)->error( + 'Setting a custom header on a 204 or 304 is not supported' + ); + } + } + if (is_null($value)) { unset($this->headers[$name]); } else { |