summaryrefslogtreecommitdiffstats
path: root/lib/request.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/request.php')
-rwxr-xr-xlib/request.php32
1 files changed, 28 insertions, 4 deletions
diff --git a/lib/request.php b/lib/request.php
index df33217f95d..1e19fd72eb0 100755
--- a/lib/request.php
+++ b/lib/request.php
@@ -135,12 +135,36 @@ class OC_Request {
* @returns string Path info or false when not found
*/
public static function getRawPathInfo() {
- $path_info = substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME']));
+ $requestUri = $_SERVER['REQUEST_URI'];
+ // remove too many leading slashes - can be caused by reverse proxy configuration
+ if (strpos($requestUri, '/') === 0) {
+ $requestUri = '/' . ltrim($requestUri, '/');
+ }
+
// Remove the query string from REQUEST_URI
- if ($pos = strpos($path_info, '?')) {
- $path_info = substr($path_info, 0, $pos);
+ if ($pos = strpos($requestUri, '?')) {
+ $requestUri = substr($requestUri, 0, $pos);
}
- return $path_info;
+
+ $scriptName = $_SERVER['SCRIPT_NAME'];
+ $path_info = $requestUri;
+
+ // strip off the script name's dir and file name
+ list($path, $name) = \Sabre_DAV_URLUtil::splitPath($scriptName);
+ if (!empty($path)) {
+ if( $path === $path_info || strpos($path_info, $path.'/') === 0) {
+ $path_info = substr($path_info, strlen($path));
+ } else {
+ throw new Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')");
+ }
+ }
+ if (strpos($path_info, '/'.$name) === 0) {
+ $path_info = substr($path_info, strlen($name) + 1);
+ }
+ if (strpos($path_info, $name) === 0) {
+ $path_info = substr($path_info, strlen($name));
+ }
+ return rtrim($path_info, '/');
}
/**