author | Johannes Ernst <jernst@indiecomputing.com> | 2016-07-06 23:51:04 +0000 |
---|---|---|
committer | Johannes Ernst <jernst@indiecomputing.com> | 2016-07-06 23:51:04 +0000 |
commit | 66a134e69e45cfe507c19983760035a3beb48f8a (patch) | |
tree | 8e4c98a0b1a2f2bdef9d4a95112c5f0ae77a47ae /lib | |
parent | 2b4ceae620261a5433aa12acf5e2b385aef40ab8 (diff) | |
Disallow certain malformed domain names even if they match the trusted domain expression
Stricter checking for valid domain names
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/Security/TrustedDomainHelper.php | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/lib/private/Security/TrustedDomainHelper.php b/lib/private/Security/TrustedDomainHelper.php
index 44e133746fd..cf4def63dd3 100644
--- a/lib/private/Security/TrustedDomainHelper.php
+++ b/lib/private/Security/TrustedDomainHelper.php
@@ -78,13 +78,16 @@ class TrustedDomainHelper {
 if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
 return true;
 }
-
- // match, allowing for * wildcards
+ // Reject misformed domains in any case
+ if (strpos($domain,'-') === 0 || strpos($domain,'..') !== false) {
+ return false;
+ }
+ // Match, allowing for * wildcards
 foreach ($trustedList as $trusted) {
 if (gettype($trusted) !== 'string') {
 break;
 }
- $regex = '/^' . join('.*', array_map(function($v) { return preg_quote($v, '/'); }, explode('*', $trusted))) . '$/';
+ $regex = '/^' . join('[-\.a-zA-Z0-9]*', array_map(function($v) { return preg_quote($v, '/'); }, explode('*', $trusted))) . '$/';
 if (preg_match($regex, $domain) || preg_match($regex, $domainWithPort)) {
 return true;
 }
 } |
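Review bot: The pattern on the new `$regex` line still ends in `'$/'` without the `D` modifier, so PCRE will accept a value carrying one trailing newline as a match for a trusted entry; ending the pattern with `'\z/'` or `'$/D'` makes the anchor strict. The added pre-check is also a two-case denylist (leading `-`, or `..`), while `[-\.a-zA-Z0-9]*` can match the empty string and dots, so a host with a leading dot, or with a label that begins with `-` after a dot, would still pass a wildcard entry such as `*.example.com` (constructed example). If that is not intended, a per-label validity check before the loop would cover it, keeping in mind that IP-literal hosts may also need to pass. The method starts and ends outside the hunk, so how `$domain` and `$domainWithPort` are derived, and whether exact matches are handled before this point, cannot be confirmed from here.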