diff options
Diffstat (limited to 'lib/private/request.php')
| -rwxr-xr-x | lib/private/request.php | 35 |
1 files changed, 30 insertions, 5 deletions
diff --git a/lib/private/request.php b/lib/private/request.php index df33217f95d..37d918d2032 100755 --- a/lib/private/request.php +++ b/lib/private/request.php @@ -9,6 +9,7 @@ class OC_Request { /** * @brief Check overwrite condition + * @param string $type * @returns bool */ private static function isOverwriteCondition($type = '') { @@ -99,7 +100,7 @@ class OC_Request { public static function scriptName() { $name = $_SERVER['SCRIPT_NAME']; if (OC_Config::getValue('overwritewebroot', '') !== '' and self::isOverwriteCondition()) { - $serverroot = str_replace("\\", '/', substr(__DIR__, 0, -4)); + $serverroot = str_replace("\\", '/', substr(__DIR__, 0, -strlen('lib/private/'))); $suburi = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen($serverroot))); $name = OC_Config::getValue('overwritewebroot', '') . $suburi; } @@ -135,12 +136,36 @@ class OC_Request { * @returns string Path info or false when not found */ public static function getRawPathInfo() { - $path_info = substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME'])); + $requestUri = $_SERVER['REQUEST_URI']; + // remove too many leading slashes - can be caused by reverse proxy configuration + if (strpos($requestUri, '/') === 0) { + $requestUri = '/' . ltrim($requestUri, '/'); + } + // Remove the query string from REQUEST_URI - if ($pos = strpos($path_info, '?')) { - $path_info = substr($path_info, 0, $pos); + if ($pos = strpos($requestUri, '?')) { + $requestUri = substr($requestUri, 0, $pos); } - return $path_info; + + $scriptName = $_SERVER['SCRIPT_NAME']; + $path_info = $requestUri; + + // strip off the script name's dir and file name + list($path, $name) = \Sabre_DAV_URLUtil::splitPath($scriptName); + if (!empty($path)) { + if( $path === $path_info || strpos($path_info, $path.'/') === 0) { + $path_info = substr($path_info, strlen($path)); + } else { + throw new Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); + } + } + if (strpos($path_info, '/'.$name) === 0) { + $path_info = substr($path_info, strlen($name) + 1); + } + if (strpos($path_info, $name) === 0) { + $path_info = substr($path_info, strlen($name)); + } + return rtrim($path_info, '/'); } /** |