[Pkg-owncloud-commits] [owncloud] 02/12: Add workaround for older instances

[David Prévot]

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit 0b80c5e18e2dfbc492b380459a9b9dac4d2132c8
Author: Lukas Reschke <lukas at owncloud.com>
Date:   Wed Dec 3 21:13:27 2014 +0100

    Add workaround for older instances
    
    To be removed with oCAdd workaround for older instances
    
    To be removed with oC99
---
 lib/private/request.php | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/lib/private/request.php b/lib/private/request.php
index 263a7e8..70f458c 100644
--- a/lib/private/request.php
+++ b/lib/private/request.php
@@ -47,13 +47,13 @@ class OC_Request {
 	 * of trusted domains. If no trusted domains have been configured, returns
 	 * true.
 	 * This is used to prevent Host Header Poisoning.
-	 * @param string $domain
+	 * @param string $domainWithPort
 	 * @return bool true if the given domain is trusted or if no trusted domains
 	 * have been configured
 	 */
-	public static function isTrustedDomain($domain) {
+	public static function isTrustedDomain($domainWithPort) {
 		// Extract port from domain if needed
-		$domain = self::getDomainWithoutPort($domain);
+		$domain = self::getDomainWithoutPort($domainWithPort);
 
 		// FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8.
 		$trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
@@ -61,6 +61,11 @@ class OC_Request {
 			return true;
 		}
 
+		// FIXME: Workaround for older instances still with port applied. Remove for ownCloud 9.
+		if(in_array($domainWithPort, $trustedList)) {
+			return true;
+		}
+
 		// Always allow access from localhost
 		if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
 			return true;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git