From baa9503442b5161f1a93d6cd8e6b3629a576fe12 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Mon, 11 May 2015 15:56:37 +0200 Subject: Use OC.webroot instead of calculating the URL Calculating the URL is error-prone as it doesn't work when for example `public.php` is requested and might even be harmful as it could leak sensitive information. Since `oc.js` is even available when maintenance mode is available it is better to use the global `OC.webroot` that is not controlled by any user. --- core/js/maintenance-check.js | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'core') diff --git a/core/js/maintenance-check.js b/core/js/maintenance-check.js index 061a434214b..663f7fb5f00 100644 --- a/core/js/maintenance-check.js +++ b/core/js/maintenance-check.js @@ -3,10 +3,7 @@ window.setInterval(checkStatus, 20000); function checkStatus() { var request = new XMLHttpRequest(); - var ocroot = location.pathname.substr( - 0, location.pathname.indexOf('index.php') - ); - request.open("GET", ocroot+'status.php', true); + request.open("GET", OC.webroot+'/status.php', true); request.onreadystatechange = function() { if (request.readyState === 4) { var response = request.responseText; -- cgit v1.2.3