diff options
| -rw-r--r-- | lib/private/Http/Client/Client.php | 9 | ||||
| -rw-r--r-- | tests/lib/Http/Client/ClientTest.php | 8 |
2 files changed, 12 insertions, 5 deletions
diff --git a/lib/private/Http/Client/Client.php b/lib/private/Http/Client/Client.php index 40ce012cd1a..62209ff9040 100644 --- a/lib/private/Http/Client/Client.php +++ b/lib/private/Http/Client/Client.php @@ -158,14 +158,15 @@ class Client implements IClient { } protected function preventLocalAddress(string $uri, array $options): void { - if ($this->isLocalAddressAllowed($options)) { - return; - } - $host = parse_url($uri, PHP_URL_HOST); if ($host === false || $host === null) { throw new LocalServerException('Could not detect any host'); } + + if ($this->isLocalAddressAllowed($options)) { + return; + } + if (!$this->remoteHostValidator->isValid($host)) { throw new LocalServerException('Host "' . $host . '" violates local access rules'); } diff --git a/tests/lib/Http/Client/ClientTest.php b/tests/lib/Http/Client/ClientTest.php index 237bb1299e5..47a6b885aed 100644 --- a/tests/lib/Http/Client/ClientTest.php +++ b/tests/lib/Http/Client/ClientTest.php @@ -130,6 +130,13 @@ class ClientTest extends \Test\TestCase { ], self::invokePrivate($this->client, 'getProxyUri')); } + public function testPreventLocalAddressThrowOnInvalidUri(): void { + $this->expectException(LocalServerException::class); + $this->expectExceptionMessage('Could not detect any host'); + + self::invokePrivate($this->client, 'preventLocalAddress', ['!@#$', []]); + } + public function dataPreventLocalAddress():array { return [ ['https://localhost/foo.bar'], @@ -146,7 +153,6 @@ class ClientTest extends \Test\TestCase { ['https://10.0.0.1'], ['https://another-host.local'], ['https://service.localhost'], - ['!@#$', true], // test invalid url ['https://normal.host.com'], ['https://com.one-.nextcloud-one.com'], ]; |