[Pkg-owncloud-commits] [owncloud] 22/118: Extract the remote host from user input in share dropdown
David Prévot
taffit at moszumanska.debian.org
Fri Mar 27 22:13:08 UTC 2015
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch stable8
in repository owncloud.
commit 625bb3c4d5f383437235d1fb9e7eaf3c190613c3
Author: Joas Schilling <nickvergessen at gmx.de>
Date: Mon Feb 2 19:54:56 2015 +0100
Extract the remote host from user input in share dropdown
Fix #13678
---
lib/private/share/helper.php | 30 ++++++++++++++++++++++++++
lib/private/share/share.php | 2 +-
tests/lib/share/helper.php | 51 ++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 82 insertions(+), 1 deletion(-)
diff --git a/lib/private/share/helper.php b/lib/private/share/helper.php
index 6059af0..55b71ce 100644
--- a/lib/private/share/helper.php
+++ b/lib/private/share/helper.php
@@ -221,4 +221,34 @@ class Helper extends \OC\Share\Constants {
return $expires;
}
+
+ /**
+ * Extracts the necessary remote name from a given link
+ *
+ * Strips away a potential file name, to allow
+ * - user
+ * - user at localhost
+ * - user at http://localhost
+ * - user at http://localhost/
+ * - user at http://localhost/index.php
+ * - user at http://localhost/index.php/s/{shareToken}
+ *
+ * @param string $shareWith
+ * @return string
+ */
+ public static function fixRemoteURLInShareWith($shareWith) {
+ if (strpos($shareWith, '@')) {
+ list($user, $remote) = explode('@', $shareWith, 2);
+
+ $remote = str_replace('\\', '/', $remote);
+ if ($fileNamePosition = strpos($remote, '/index.php')) {
+ $remote = substr($remote, 0, $fileNamePosition);
+ }
+ $remote = rtrim($remote, '/');
+
+ $shareWith = $user . '@' . $remote;
+ }
+
+ return rtrim($shareWith, '/');
+ }
}
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index 9c3c6a2..9af5672 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -724,7 +724,7 @@ class Share extends \OC\Share\Constants {
$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(self::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER .
\OCP\Security\ISecureRandom::CHAR_DIGITS);
- $shareWith = rtrim($shareWith, '/');
+ $shareWith = Helper::fixRemoteURLInShareWith($shareWith);
$shareId = self::put($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, null, $token, $itemSourceName);
$send = false;
diff --git a/tests/lib/share/helper.php b/tests/lib/share/helper.php
index 7a54641..0385263 100644
--- a/tests/lib/share/helper.php
+++ b/tests/lib/share/helper.php
@@ -49,4 +49,55 @@ class Test_Share_Helper extends \Test\TestCase {
$result = \OC\Share\Helper::calculateExpireDate($defaultExpireSettings, $creationTime, $userExpireDate);
$this->assertSame($expected, $result);
}
+
+ public function fixRemoteURLInShareWithData() {
+ $userPrefix = ['test@', 'na/me@'];
+ $protocols = ['', 'http://', 'https://'];
+ $remotes = [
+ 'localhost',
+ 'test:foobar at localhost',
+ 'local.host',
+ 'dev.local.host',
+ 'dev.local.host/path',
+ '127.0.0.1',
+ '::1',
+ '::192.0.2.128',
+ ];
+
+ $testCases = [
+ ['test', 'test'],
+ ['na/me', 'na/me'],
+ ['na/me/', 'na/me'],
+ ['na/index.php', 'na/index.php'],
+ ['http://localhost', 'http://localhost'],
+ ['http://localhost/', 'http://localhost'],
+ ['http://localhost/index.php', 'http://localhost/index.php'],
+ ['http://localhost/index.php/s/token', 'http://localhost/index.php/s/token'],
+ ['http://test:foobar@localhost', 'http://test:foobar@localhost'],
+ ['http://test:foobar@localhost/', 'http://test:foobar@localhost'],
+ ['http://test:foobar@localhost/index.php', 'http://test:foobar@localhost'],
+ ['http://test:foobar@localhost/index.php/s/token', 'http://test:foobar@localhost'],
+ ];
+
+ foreach ($userPrefix as $user) {
+ foreach ($remotes as $remote) {
+ foreach ($protocols as $protocol) {
+ $baseUrl = $user . $protocol . $remote;
+
+ $testCases[] = [$baseUrl, $baseUrl];
+ $testCases[] = [$baseUrl . '/', $baseUrl];
+ $testCases[] = [$baseUrl . '/index.php', $baseUrl];
+ $testCases[] = [$baseUrl . '/index.php/s/token', $baseUrl];
+ }
+ }
+ }
+ return $testCases;
+ }
+
+ /**
+ * @dataProvider fixRemoteURLInShareWithData
+ */
+ public function testFixRemoteURLInShareWith($remote, $expected) {
+ $this->assertSame($expected, \OC\Share\Helper::fixRemoteURLInShareWith($remote));
+ }
}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git
More information about the Pkg-owncloud-commits
mailing list