author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2018-12-19 09:47:44 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-19 09:47:44 +0100 |
commit | a0ce0824bdefca67e2023f2dd6cba7daf7414d03 (patch) | |
tree | 6202896dd5c05ad38a5159a9ebcdea59de5b6b4a /lib | |
parent | 3d53398d07a9ce9bb5605c770505ac88f3e0bba5 (diff) | |
parent | 514426e27d9e6c9c7e3882697ea66a57f20a8bc0 (diff) | |
download | nextcloud-server-a0ce0824bdefca67e2023f2dd6cba7daf7414d03.tar.gz nextcloud-server-a0ce0824bdefca67e2023f2dd6cba7daf7414d03.zip |
Merge pull request #13116 from nextcloud/fix/only_trust_xforwardedhost_for_trusted_proxies
Only trust the X-FORWARDED-HOST header for trusted proxies
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/AppFramework/Http/Request.php | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php
index 2c745973ed2..00668e87e34 100644
--- a/lib/private/AppFramework/Http/Request.php
+++ b/lib/private/AppFramework/Http/Request.php
@@ -691,7 +691,7 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 return $this->config->getSystemValue('overwriteprotocol');
 }
 
-if (isset($this->server['HTTP_X_FORWARDED_PROTO'])) {
+if ($this->fromTrustedProxy() && isset($this->server['HTTP_X_FORWARDED_PROTO'])) {
 if (strpos($this->server['HTTP_X_FORWARDED_PROTO'], ',') !== false) {
 $parts = explode(',', $this->server['HTTP_X_FORWARDED_PROTO']);
 $proto = strtolower(trim($parts[0]));
@@ -862,7 +862,7 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 */
 public function getInsecureServerHost(): string {
 $host = 'localhost';
-if (isset($this->server['HTTP_X_FORWARDED_HOST'])) {
+if ($this->fromTrustedProxy() && isset($this->server['HTTP_X_FORWARDED_HOST'])) {
 if (strpos($this->server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
 $parts = explode(',', $this->server['HTTP_X_FORWARDED_HOST']);
 $host = trim(current($parts));
@@ -924,4 +924,10 @@ class Request implements \ArrayAccess, \Countable, IRequest {
 return null;
 }
 
+private function fromTrustedProxy(): bool {
+$remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : '';
+$trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
+
+return \is_array($trustedProxies) && $this->isTrustedProxy($trustedProxies, $remoteAddress);
+}
 }
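Review bot: The new `fromTrustedProxy()` guard verifies only the immediate peer (REMOTE_ADDR), while the condition it gates still takes the leftmost comma-separated entry of the header (`$parts[0]` in this hunk, `current($parts)` in the HTTP_X_FORWARDED_HOST hunk); if a trusted proxy appends to an inbound X-Forwarded-* header instead of replacing it, that first entry remains client-supplied even though the check passes. That operational requirement is not stated anywhere near the check, so I would add above the `if` in both hunks: `// X-Forwarded-* is honoured only from a trusted proxy, and only its first list entry is used; the proxy must overwrite (not append to) these headers for this to be safe.` The same note applies to the getInsecureServerHost hunk. The method enclosing this hunk starts and ends outside it.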
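Review bot: `fromTrustedProxy()` has no docblock, yet it is now the single gate that decides whether X-Forwarded-Proto and X-Forwarded-Host are believed at all, so its contract should be spelled out: `/** Whether REMOTE_ADDR is listed in the trusted_proxies system value; false when the option is unset or is not an array. */`. Two smaller points: `$remoteAddress = $this->server['REMOTE_ADDR'] ?? '';` reads more directly than the isset ternary (the file already uses PHP 7 return types), and since `isTrustedProxy()` is defined outside this hunk, it is worth confirming that an empty `$remoteAddress` can never match a configured entry, because the fallback to `''` silently turns a missing REMOTE_ADDR into a lookup rather than a refusal.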