From 886bda5f81d52ba4443094e4c2fffac33c27bc4b Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Tue, 10 Feb 2015 13:02:48 +0100 Subject: Refactor OC_Request into TrustedDomainHelper and IRequest This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed. This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions. Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though. Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969 --- lib/private/security/trusteddomainhelper.php | 75 ++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 lib/private/security/trusteddomainhelper.php (limited to 'lib/private/security') diff --git a/lib/private/security/trusteddomainhelper.php b/lib/private/security/trusteddomainhelper.php new file mode 100644 index 00000000000..593263897be --- /dev/null +++ b/lib/private/security/trusteddomainhelper.php @@ -0,0 +1,75 @@ + + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Security; +use OC\AppFramework\Http\Request; +use OCP\IConfig; + +/** + * Class TrustedDomain + * + * @package OC\Security + */ +class TrustedDomainHelper { + /** @var IConfig */ + private $config; + + /** + * @param IConfig $config + */ + function __construct(IConfig $config) { + $this->config = $config; + } + + /** + * Strips a potential port from a domain (in format domain:port) + * @param $host + * @return string $host without appended port + */ + private function getDomainWithoutPort($host) { + $pos = strrpos($host, ':'); + if ($pos !== false) { + $port = substr($host, $pos + 1); + if (is_numeric($port)) { + $host = substr($host, 0, $pos); + } + } + return $host; + } + + /** + * Checks whether a domain is considered as trusted from the list + * of trusted domains. If no trusted domains have been configured, returns + * true. + * This is used to prevent Host Header Poisoning. + * @param string $domainWithPort + * @return bool true if the given domain is trusted or if no trusted domains + * have been configured + */ + public function isTrustedDomain($domainWithPort) { + $domain = $this->getDomainWithoutPort($domainWithPort); + + // Read trusted domains from config + $trustedList = $this->config->getSystemValue('trusted_domains', []); + if(!is_array($trustedList)) { + return false; + } + + // TODO: Workaround for older instances still with port applied. Remove for ownCloud 9. + if(in_array($domainWithPort, $trustedList)) { + return true; + } + + // Always allow access from localhost + if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) { + return true; + } + return in_array($domain, $trustedList); + } + +} -- cgit v1.2.3