diff options
Diffstat (limited to 'lib/request.php')
-rwxr-xr-x | lib/request.php | 32 |
1 files changed, 28 insertions, 4 deletions
diff --git a/lib/request.php b/lib/request.php index df33217f95d..1e19fd72eb0 100755 --- a/lib/request.php +++ b/lib/request.php @@ -135,12 +135,36 @@ class OC_Request { * @returns string Path info or false when not found */ public static function getRawPathInfo() { - $path_info = substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME'])); + $requestUri = $_SERVER['REQUEST_URI']; + // remove too many leading slashes - can be caused by reverse proxy configuration + if (strpos($requestUri, '/') === 0) { + $requestUri = '/' . ltrim($requestUri, '/'); + } + // Remove the query string from REQUEST_URI - if ($pos = strpos($path_info, '?')) { - $path_info = substr($path_info, 0, $pos); + if ($pos = strpos($requestUri, '?')) { + $requestUri = substr($requestUri, 0, $pos); } - return $path_info; + + $scriptName = $_SERVER['SCRIPT_NAME']; + $path_info = $requestUri; + + // strip off the script name's dir and file name + list($path, $name) = \Sabre_DAV_URLUtil::splitPath($scriptName); + if (!empty($path)) { + if( $path === $path_info || strpos($path_info, $path.'/') === 0) { + $path_info = substr($path_info, strlen($path)); + } else { + throw new Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); + } + } + if (strpos($path_info, '/'.$name) === 0) { + $path_info = substr($path_info, strlen($name) + 1); + } + if (strpos($path_info, $name) === 0) { + $path_info = substr($path_info, strlen($name)); + } + return rtrim($path_info, '/'); } /** |