diff options
| author | Robin McCorkell <rmccorkell@karoshi.org.uk> | 2015-07-25 19:18:32 +0100 |
|---|---|---|
| committer | Robin McCorkell <rmccorkell@owncloud.com> | 2015-08-10 23:28:16 +0100 |
| commit | 2579999373e628c1d6d4d08d1d89412f1fd68fe3 (patch) | |
| tree | 3baf6873ad32a70ebd572862eb890be5d3fb65d3 /settings/controller | |
| parent | 8944af57cbd1fd2962b6adeaed76c6cd41712453 (diff) | |
| download | nextcloud-server-2579999373e628c1d6d4d08d1d89412f1fd68fe3.tar.gz nextcloud-server-2579999373e628c1d6d4d08d1d89412f1fd68fe3.zip | |
Add setup check for reverse proxy header configuration
Diffstat (limited to 'settings/controller')
| -rw-r--r-- | settings/controller/checksetupcontroller.php | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/settings/controller/checksetupcontroller.php b/settings/controller/checksetupcontroller.php index ff605b474e2..33f94fe4238 100644 --- a/settings/controller/checksetupcontroller.php +++ b/settings/controller/checksetupcontroller.php @@ -128,7 +128,7 @@ class CheckSetupController extends Controller { /** * Check if the used SSL lib is outdated. Older OpenSSL and NSS versions do * have multiple bugs which likely lead to problems in combination with - * functionalities required by ownCloud such as SNI. + * functionality required by ownCloud such as SNI. * * @link https://github.com/owncloud/core/issues/17446#issuecomment-122877546 * @link https://bugzilla.redhat.com/show_bug.cgi?id=1241172 @@ -193,6 +193,23 @@ class CheckSetupController extends Controller { return ['eol' => $eol, 'version' => PHP_VERSION]; } + /* + * Check if the reverse proxy configuration is working as expected + * + * @return bool + */ + private function forwardedForHeadersWorking() { + $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); + $remoteAddress = $this->request->getRemoteAddress(); + + if (is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) { + return false; + } + + // either not enabled or working correctly + return true; + } + /** * @return DataResponse */ @@ -207,6 +224,8 @@ class CheckSetupController extends Controller { 'securityDocs' => $this->urlGenerator->linkToDocs('admin-security'), 'isUsedTlsLibOutdated' => $this->isUsedTlsLibOutdated(), 'phpSupported' => $this->isPhpSupported(), + 'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(), + 'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'), ] ); } |