Merge pull request #10889 from owncloud/moveTrustedDomainCheck

Move trusted domain check to init()

1 files changed, 15 insertions, 15 deletions

diff --git a/lib/base.php b/lib/base.php
index 18331dd86aa..fb445124011 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -583,6 +583,21 @@ class OC {
 			);
 			return;
 		}
+
+		$host = OC_Request::insecureServerHost();
+		// if the host passed in headers isn't trusted
+		if (!OC::$CLI
+			// overwritehost is always trusted
+			&& OC_Request::getOverwriteHost() === null
+			&& !OC_Request::isTrustedDomain($host)
+		) {
+			header('HTTP/1.1 400 Bad Request');
+			header('Status: 400 Bad Request');
+			$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
+			$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
+			$tmpl->printPage();
+			return;
+		}
 	}
 
 	private static function registerLocalAddressBook() {
@@ -683,21 +698,6 @@ class OC {
 			exit();
 		}
 
-		$host = OC_Request::insecureServerHost();
-		// if the host passed in headers isn't trusted
-		if (!OC::$CLI
-			// overwritehost is always trusted
-			&& OC_Request::getOverwriteHost() === null
-			&& !OC_Request::isTrustedDomain($host)
-		) {
-			header('HTTP/1.1 400 Bad Request');
-			header('Status: 400 Bad Request');
-			$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
-			$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
-			$tmpl->printPage();
-			return;
-		}
-
 		$request = OC_Request::getPathInfo();
 		if (substr($request, -3) !== '.js') { // we need these files during the upgrade
 			self::checkMaintenanceMode();