backport webcal access rules from DAV app implementation
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
This commit is contained in:
parent
7481a4d601
commit
0cdb36e7b3
|
@ -58,8 +58,9 @@ class Application extends App {
|
|||
$client = $c->getServer()->getHTTPClientService();
|
||||
$l10n = $c->getServer()->getL10N($c->query('AppName'));
|
||||
$logger = $c->getServer()->getLogger();
|
||||
$config = $c->getServer()->getConfig();
|
||||
|
||||
return new Controller\ProxyController($c->getAppName(), $request, $client, $l10n, $logger);
|
||||
return new Controller\ProxyController($c->getAppName(), $request, $client, $l10n, $logger, $config);
|
||||
});
|
||||
|
||||
$container->registerService('SettingsController', function(IAppContainer $c) {
|
||||
|
|
|
@ -30,6 +30,7 @@ use OCP\AppFramework\Http\JSONResponse;
|
|||
use OCP\AppFramework\Http\DataDisplayResponse;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\Http\Client\IClientService;
|
||||
use OCP\IConfig;
|
||||
use OCP\IL10N;
|
||||
use OCP\ILogger;
|
||||
use OCP\IRequest;
|
||||
|
@ -52,20 +53,28 @@ class ProxyController extends Controller {
|
|||
*/
|
||||
protected $logger;
|
||||
|
||||
/**
|
||||
* @var IConfig
|
||||
*/
|
||||
protected $config;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request an instance of the request
|
||||
* @param IClientService $client
|
||||
* @param IL10N $l10n
|
||||
* @param ILogger $logger
|
||||
* @param IConfig $config
|
||||
*/
|
||||
public function __construct($appName, IRequest $request,
|
||||
IClientService $client,
|
||||
IL10N $l10n, ILogger $logger) {
|
||||
IL10N $l10n, ILogger $logger,
|
||||
IConfig $config) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->client = $client;
|
||||
$this->l10n = $l10n;
|
||||
$this->logger = $logger;
|
||||
$this->config = $config;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -83,6 +92,27 @@ class ProxyController extends Controller {
|
|||
$max_redirects = 5;
|
||||
$done = false;
|
||||
|
||||
$allowLocalAccess = $this->config->getAppValue('dav', 'webcalAllowLocalAccess', 'no');
|
||||
if ($allowLocalAccess !== 'yes') {
|
||||
$host = parse_url($url, PHP_URL_HOST);
|
||||
// remove brackets from IPv6 addresses
|
||||
if (strpos($host, '[') === 0 && substr($host, -1) === ']') {
|
||||
$host = substr($host, 1, -1);
|
||||
}
|
||||
|
||||
if ($host === 'localhost' || substr($host, -6) === '.local' || substr($host, -10) === '.localhost' ||
|
||||
preg_match('/(^127\.)|(^192\.168\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/', $host)) {
|
||||
$this->logger->warning("Subscription $url was not refreshed because it violates local access rules");
|
||||
|
||||
$response = new JSONResponse([
|
||||
'message' => $this->l10n->t('URL violates local access rules'),
|
||||
'proxy_code' => 403
|
||||
], Http::STATUS_UNPROCESSABLE_ENTITY);
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
||||
// try to find a chain of 301s
|
||||
do {
|
||||
$clientResponse = $client->get($queryUrl, [
|
||||
|
|
|
@ -34,6 +34,7 @@ class ProxyControllerTest extends TestCase {
|
|||
private $client;
|
||||
private $l10n;
|
||||
private $logger;
|
||||
private $config;
|
||||
|
||||
private $newClient;
|
||||
private $response0;
|
||||
|
@ -61,6 +62,9 @@ class ProxyControllerTest extends TestCase {
|
|||
$this->logger = $this->getMockBuilder('\OCP\ILogger')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
$this->config = $this->getMockBuilder('\OCP\IConfig')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
|
||||
$this->newClient = $this->getMockBuilder('\OCP\Http\Client\IClient')
|
||||
->disableOriginalConstructor()
|
||||
|
@ -100,8 +104,12 @@ class ProxyControllerTest extends TestCase {
|
|||
->getMock();
|
||||
}
|
||||
|
||||
$this->config->method('getAppValue')
|
||||
->with('dav', 'webcalAllowLocalAccess', 'no')
|
||||
->willReturn('no');
|
||||
|
||||
$this->controller = new ProxyController($this->appName, $this->request,
|
||||
$this->client, $this->l10n, $this->logger);
|
||||
$this->client, $this->l10n, $this->logger, $this->config);
|
||||
}
|
||||
|
||||
public function testProxy() {
|
||||
|
|
Loading…
Reference in New Issue