Mirrors
/
nextcloud-server
mirror of https://github.com/nextcloud/server
3
0
Fork 0
Code Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22323 Commits
695 Branches
1186 Tags
4.1 GiB
Tree: 8eda661761
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8eda661761'
${ noResults }
nextcloud-server/lib/private/request.php

340 lines
10 KiB
Raw Normal View History

Cache the minimized output also on the server
14 years ago
Added isUserAgent() method to request - added isUserAgent() method to OC_Request which makes it possible to test it - OC_Response::setContentDisposition now uses OC_Request::isUserAgent()
12 years ago
The regexp of the Freebox user agent is now more strict. A new unit test has been added in consequence.
12 years ago
Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. Conflicts: lib/private/request.php
11 years ago
Do not show exception to the end-user Log the error instead of potentially leaking sensitive information
12 years ago
Added localhost as trusted domain
12 years ago
Add support for getting the real client IP behind proxies Fixes https://github.com/owncloud/core/issues/10624 Fix copy paste fail Add unittest for comma separated headers Revert 3rdparty
12 years ago
Do not show exception to the end-user Log the error instead of potentially leaking sensitive information
12 years ago
Add support for getting the real client IP behind proxies Fixes https://github.com/owncloud/core/issues/10624 Fix copy paste fail Add unittest for comma separated headers Revert 3rdparty
12 years ago
Do not show exception to the end-user Log the error instead of potentially leaking sensitive information
12 years ago
add SSL proxy support Add support for a reverse proxy that only forwards SSL connections unencrypted to the web server. This patch allows to detect the reverse proxy via regular expression for the remote IP address and conditional overwrite the host name, protocol and web root.
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
update PHPDoc
12 years ago
Replace @returns with @return, in /lib
12 years ago
add SSL proxy support Add support for a reverse proxy that only forwards SSL connections unencrypted to the web server. This patch allows to detect the reverse proxy via regular expression for the remote IP address and conditional overwrite the host name, protocol and web root.
13 years ago
Overwrite host and webroot when forcessl is enabled This patch enables the use of forcessl together with a multiple domains reverse SSL proxy (owncloud/core#1099) which have different hostname and webroot for http and https access. The code assumes that the ssl proxy (https) hostname and webroot is configured via overwritehost and overwritewebroot.
13 years ago
add SSL proxy support Add support for a reverse proxy that only forwards SSL connections unencrypted to the web server. This patch allows to detect the reverse proxy via regular expression for the remote IP address and conditional overwrite the host name, protocol and web root.
13 years ago
Overwrite host and webroot when forcessl is enabled This patch enables the use of forcessl together with a multiple domains reverse SSL proxy (owncloud/core#1099) which have different hostname and webroot for http and https access. The code assumes that the ssl proxy (https) hostname and webroot is configured via overwritehost and overwritewebroot.
13 years ago
request.php: add type check to the not empty check of a string The not equal comparison (<>) of a variable with an empty string could lead to false positive results as the compare do not check the type and thereby could not make sure that the checked variable is a string. The usage of the not identical comparison operator (!==) make sure that the variable is a string and not empty.
13 years ago
add SSL proxy support Add support for a reverse proxy that only forwards SSL connections unencrypted to the web server. This patch allows to detect the reverse proxy via regular expression for the remote IP address and conditional overwrite the host name, protocol and web root.
13 years ago
Trim port from domain Depending on the used environment the port might be appended to the host header resulting in an inaccessible instance when initially setting up on a system with a different HTTP or HTTPS port. (for example test:500) To test this setup ownCloud under a different port with and without this patch. (heads-up: localhost is always white-listed, so use a different domain)
11 years ago
Add overwritehost config on setup and upgrade
12 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Add workaround for older instances To be removed with oCAdd workaround for older instances To be removed with oC99
11 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Add overwritehost config on setup and upgrade
12 years ago
Add workaround for older instances To be removed with oCAdd workaround for older instances To be removed with oC99
11 years ago
Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. Conflicts: lib/private/request.php
11 years ago
Add workaround for older instances To be removed with oCAdd workaround for older instances To be removed with oC99
11 years ago
Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. Conflicts: lib/private/request.php
11 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. Conflicts: lib/private/request.php
11 years ago
Add workaround for older instances To be removed with oCAdd workaround for older instances To be removed with oC99
11 years ago
Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. Conflicts: lib/private/request.php
11 years ago
Added localhost as trusted domain
12 years ago
Ignore port for trusted domains This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain) Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975. Conflicts: lib/private/request.php
11 years ago
Add overwritehost config on setup and upgrade
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Replace @returns with @return, in /lib
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Fixed X-Forwarded-Host parsing
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Add overwritehost config on setup and upgrade
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Add overwritehost config on setup and upgrade
12 years ago
use $_SERVER['SERVER_NAME'] in case $_SERVER['HTTP_HOST'] is not set
13 years ago
Add overwritehost config on setup and upgrade
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Add overwritehost config on setup and upgrade
12 years ago
use $_SERVER['SERVER_NAME'] in case $_SERVER['HTTP_HOST'] is not set
13 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Fix PHPdoc in lib/private using scrutinizer patch
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Replace @returns with @return, in /lib
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Only overwrite serverHost when in unit tests The intention of the original commit 12f7cb87679453fa96c796df857b7e7193d4ee09 was to fix tests. But cron should always return a valid host not localhost.
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Add overwritehost config on setup and upgrade
12 years ago
Show warning page when accessing server from an untrusted domain Added early check for the requested domain host and show a warning page if the domain is not trusted.
12 years ago
Add overwritehost config on setup and upgrade
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Replace @returns with @return, in /lib
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
request.php: add type check to the not empty check of a string The not equal comparison (<>) of a variable with an empty string could lead to false positive results as the compare do not check the type and thereby could not make sure that the checked variable is a string. The usage of the not identical comparison operator (!==) make sure that the variable is a string and not empty.
13 years ago
Whitespace cleanup
13 years ago
make it possible to manually override the hostname and protocol if the automatic detection from ownCloud fails. This can happen in reverse proxy situations or with loadbalancers setups.
13 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Add overwritehost config on setup and upgrade
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
Add overwritehost config on setup and upgrade
12 years ago
Move serverHost and serverProtocol functions to OC_Request
14 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Replace @returns with @return, in /lib
12 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
polish documentation based on scrutinizer patches
12 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
request.php: add type check to the not empty check of a string The not equal comparison (<>) of a variable with an empty string could lead to false positive results as the compare do not check the type and thereby could not make sure that the checked variable is a string. The usage of the not identical comparison operator (!==) make sure that the variable is a string and not empty.
13 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Fix more documentation failes Issue #7111
12 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
Allow using "/" in "overwritewebroot" Whenever the reverse proxy is using "/" as the webroot, it is now possible to set that value in "overwritewebroot"
12 years ago
fix overwrite host support and make the code a bit more readable
12 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
Allow using "/" in "overwritewebroot" Whenever the reverse proxy is using "/" as the webroot, it is now possible to set that value in "overwritewebroot"
12 years ago
add multiple domains reverse proxy support Add support for a reverse proxy that handles multiple domains via different web roots (http[s]://proxy.tld/domain.tld/owncloud). As the reverse proxy web root is transparent for the web server the REQUEST_URI and SCRIPT_NAME need manual adjustments. This patch replace the direct use of this _SERVER variables with function calls and extend this functions to overwrite the web root. Additionally it adds a Sabre request backend that extends the Sabre_HTTP_Request to use the same functions.
14 years ago
Move getting the path info to OC_Request
14 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Fix more documentation failes Issue #7111
12 years ago
Move getting the path info to OC_Request
14 years ago
adding space between) and {
14 years ago
Move getting the path info to OC_Request
14 years ago
Use the plain urlencoded path info for the routing matching
13 years ago
Upgrade SabreDAV to 1.8.10 Updating SabreDAV namespaces
12 years ago
Decode the alternative path_info
14 years ago
Checkstyle fixes: NoSpaceAfterComma
14 years ago
Decode the alternative path_info
14 years ago
Whitespace indent fixes
13 years ago
Decode the alternative path_info
14 years ago
Move getting the path info to OC_Request
14 years ago
Use the plain urlencoded path info for the routing matching
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Some more PHPDoc fixes
12 years ago
Fix more documentation failes Issue #7111
12 years ago
Use the plain urlencoded path info for the routing matching
13 years ago
Add unit tests for convertToRelativePath
12 years ago
handle duplicate slashes in case of reverse proxy configuration
12 years ago
in case uri and script name don't match we better throw an exception
12 years ago
fixes #6050
12 years ago
in case uri and script name don't match we better throw an exception
12 years ago
fixes #6050
12 years ago
Upgrade SabreDAV to 1.8.10 Updating SabreDAV namespaces
12 years ago
fixes #6050
12 years ago
in case uri and script name don't match we better throw an exception
12 years ago
fixing failing unit test
12 years ago
fixes #6050
12 years ago
Use the plain urlencoded path info for the routing matching
13 years ago
fixes #6050
12 years ago
Fix getRawPathInfo for the '/' edge case
12 years ago
Use the plain urlencoded path info for the routing matching
13 years ago
add a custom header clients can use to skip a n additional propset request
13 years ago
Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later
12 years ago
Fix more documentation failes Issue #7111
12 years ago
add a custom header clients can use to skip a n additional propset request
13 years ago
Added isUserAgent() method to request - added isUserAgent() method to OC_Request which makes it possible to test it - OC_Response::setContentDisposition now uses OC_Request::isUserAgent()
12 years ago
Cache the minimized output also on the server
14 years ago
  1. <?php
  2. /**
  3. * Copyright (c) 2012 Bart Visscher <bartv@thisnet.nl>
  4. * This file is licensed under the Affero General Public License version 3 or
  5. * later.
  6. * See the COPYING-README file.
  7. */
  9. class OC_Request {
  11. const USER_AGENT_IE = '/MSIE/';
  12. // Android Chrome user agent: https://developers.google.com/chrome/mobile/docs/user-agent
  13. const USER_AGENT_ANDROID_MOBILE_CHROME = '#Android.*Chrome/[.0-9]*#';
  14. const USER_AGENT_FREEBOX = '#^Mozilla/5\.0$#';
  15. const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)$/';
  16. static protected $reqId;
  18. /**
  19. * Returns the remote address, if the connection came from a trusted proxy and `forwarded_for_headers` has been configured
  20. * then the IP address specified in this header will be returned instead.
  21. * Do always use this instead of $_SERVER['REMOTE_ADDR']
  22. * @return string IP address
  23. */
  24. public static function getRemoteAddress() {
  25. $remoteAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
  26. $trustedProxies = \OC::$server->getConfig()->getSystemValue('trusted_proxies', array());
  28. if(is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) {
  29. $forwardedForHeaders = \OC::$server->getConfig()->getSystemValue('forwarded_for_headers', array());
  31. foreach($forwardedForHeaders as $header) {
  32. if (array_key_exists($header, $_SERVER) === true) {
  33. foreach (explode(',', $_SERVER[$header]) as $IP) {
  34. $IP = trim($IP);
  35. if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
  36. return $IP;
  37. }
  38. }
  39. }
  40. }
  41. }
  43. return $remoteAddress;
  44. }
  46. /**
  47. * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging
  48. * @return string
  49. */
  50. public static function getRequestID() {
  51. if(self::$reqId === null) {
  52. self::$reqId = hash('md5', microtime().\OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(20));
  53. }
  54. return self::$reqId;
  55. }
  57. /**
  58. * Check overwrite condition
  59. * @param string $type
  60. * @return bool
  61. */
  62. private static function isOverwriteCondition($type = '') {
  63. $regex = '/' . OC_Config::getValue('overwritecondaddr', '') . '/';
  64. return $regex === '//' or preg_match($regex, $_SERVER['REMOTE_ADDR']) === 1
  65. or ($type !== 'protocol' and OC_Config::getValue('forcessl', false));
  66. }
  68. /**
  69. * Strips a potential port from a domain (in format domain:port)
  70. * @param $host
  71. * @return string $host without appended port
  72. */
  73. public static function getDomainWithoutPort($host) {
  74. $pos = strrpos($host, ':');
  75. if ($pos !== false) {
  76. $port = substr($host, $pos + 1);
  77. if (is_numeric($port)) {
  78. $host = substr($host, 0, $pos);
  79. }
  80. }
  81. return $host;
  82. }
  84. /**
  85. * Checks whether a domain is considered as trusted from the list
  86. * of trusted domains. If no trusted domains have been configured, returns
  87. * true.
  88. * This is used to prevent Host Header Poisoning.
  89. * @param string $domainWithPort
  90. * @return bool true if the given domain is trusted or if no trusted domains
  91. * have been configured
  92. */
  93. public static function isTrustedDomain($domainWithPort) {
  94. // Extract port from domain if needed
  95. $domain = self::getDomainWithoutPort($domainWithPort);
  97. // FIXME: Empty config array defaults to true for now. - Deprecate this behaviour with ownCloud 8.
  98. $trustedList = \OC::$server->getConfig()->getSystemValue('trusted_domains', array());
  99. if (empty($trustedList)) {
  100. return true;
  101. }
  103. // FIXME: Workaround for older instances still with port applied. Remove for ownCloud 9.
  104. if(in_array($domainWithPort, $trustedList)) {
  105. return true;
  106. }
  108. // Always allow access from localhost
  109. if (preg_match(self::REGEX_LOCALHOST, $domain) === 1) {
  110. return true;
  111. }
  113. return in_array($domain, $trustedList);
  114. }
  116. /**
  117. * Returns the unverified server host from the headers without checking
  118. * whether it is a trusted domain
  119. * @return string the server host
  120. *
  121. * Returns the server host, even if the website uses one or more
  122. * reverse proxies
  123. */
  124. public static function insecureServerHost() {
  125. $host = null;
  126. if (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
  127. if (strpos($_SERVER['HTTP_X_FORWARDED_HOST'], ",") !== false) {
  128. $parts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
  129. $host = trim(current($parts));
  130. } else {
  131. $host = $_SERVER['HTTP_X_FORWARDED_HOST'];
  132. }
  133. } else {
  134. if (isset($_SERVER['HTTP_HOST'])) {
  135. $host = $_SERVER['HTTP_HOST'];
  136. } else if (isset($_SERVER['SERVER_NAME'])) {
  137. $host = $_SERVER['SERVER_NAME'];
  138. }
  139. }
  140. return $host;
  141. }
  143. /**
  144. * Returns the overwritehost setting from the config if set and
  145. * if the overwrite condition is met
  146. * @return string|null overwritehost value or null if not defined or the defined condition
  147. * isn't met
  148. */
  149. public static function getOverwriteHost() {
  150. if(OC_Config::getValue('overwritehost', '') !== '' and self::isOverwriteCondition()) {
  151. return OC_Config::getValue('overwritehost');
  152. }
  153. return null;
  154. }
  156. /**
  157. * Returns the server host from the headers, or the first configured
  158. * trusted domain if the host isn't in the trusted list
  159. * @return string the server host
  160. *
  161. * Returns the server host, even if the website uses one or more
  162. * reverse proxies
  163. */
  164. public static function serverHost() {
  165. if (OC::$CLI && defined('PHPUNIT_RUN')) {
  166. return 'localhost';
  167. }
  169. // overwritehost is always trusted
  170. $host = self::getOverwriteHost();
  171. if ($host !== null) {
  172. return $host;
  173. }
  175. // get the host from the headers
  176. $host = self::insecureServerHost();
  178. // Verify that the host is a trusted domain if the trusted domains
  179. // are defined
  180. // If no trusted domain is provided the first trusted domain is returned
  181. if (self::isTrustedDomain($host)) {
  182. return $host;
  183. } else {
  184. $trustedList = \OC_Config::getValue('trusted_domains', array(''));
  185. return $trustedList[0];
  186. }
  187. }
  189. /**
  190. * Returns the server protocol
  191. * @return string the server protocol
  192. *
  193. * Returns the server protocol. It respects reverse proxy servers and load balancers
  194. */
  195. public static function serverProtocol() {
  196. if(OC_Config::getValue('overwriteprotocol', '') !== '' and self::isOverwriteCondition('protocol')) {
  197. return OC_Config::getValue('overwriteprotocol');
  198. }
  199. if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
  200. $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
  201. // Verify that the protocol is always HTTP or HTTPS
  202. // default to http if an invalid value is provided
  203. return $proto === 'https' ? 'https' : 'http';
  204. }
  205. if (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
  206. return 'https';
  207. }
  208. return 'http';
  209. }
  211. /**
  212. * Returns the request uri
  213. * @return string the request uri
  214. *
  215. * Returns the request uri, even if the website uses one or more
  216. * reverse proxies
  217. * @return string
  218. */
  219. public static function requestUri() {
  220. $uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
  221. if (OC_Config::getValue('overwritewebroot', '') !== '' and self::isOverwriteCondition()) {
  222. $uri = self::scriptName() . substr($uri, strlen($_SERVER['SCRIPT_NAME']));
  223. }
  224. return $uri;
  225. }
  227. /**
  228. * Returns the script name
  229. * @return string the script name
  230. *
  231. * Returns the script name, even if the website uses one or more
  232. * reverse proxies
  233. */
  234. public static function scriptName() {
  235. $name = $_SERVER['SCRIPT_NAME'];
  236. $overwriteWebRoot = OC_Config::getValue('overwritewebroot', '');
  237. if ($overwriteWebRoot !== '' and self::isOverwriteCondition()) {
  238. $serverroot = str_replace("\\", '/', substr(__DIR__, 0, -strlen('lib/private/')));
  239. $suburi = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen($serverroot)));
  240. $name = '/' . ltrim($overwriteWebRoot . $suburi, '/');
  241. }
  242. return $name;
  243. }
  245. /**
  246. * get Path info from request
  247. * @return string Path info or false when not found
  248. */
  249. public static function getPathInfo() {
  250. if (array_key_exists('PATH_INFO', $_SERVER)) {
  251. $path_info = $_SERVER['PATH_INFO'];
  252. }else{
  253. $path_info = self::getRawPathInfo();
  254. // following is taken from \Sabre\DAV\URLUtil::decodePathSegment
  255. $path_info = rawurldecode($path_info);
  256. $encoding = mb_detect_encoding($path_info, array('UTF-8', 'ISO-8859-1'));
  258. switch($encoding) {
  260. case 'ISO-8859-1' :
  261. $path_info = utf8_encode($path_info);
  263. }
  264. // end copy
  265. }
  266. return $path_info;
  267. }
  269. /**
  270. * get Path info from request, not urldecoded
  271. * @throws Exception
  272. * @return string Path info or false when not found
  273. */
  274. public static function getRawPathInfo() {
  275. $requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
  276. // remove too many leading slashes - can be caused by reverse proxy configuration
  277. if (strpos($requestUri, '/') === 0) {
  278. $requestUri = '/' . ltrim($requestUri, '/');
  279. }
  281. // Remove the query string from REQUEST_URI
  282. if ($pos = strpos($requestUri, '?')) {
  283. $requestUri = substr($requestUri, 0, $pos);
  284. }
  286. $scriptName = $_SERVER['SCRIPT_NAME'];
  287. $path_info = $requestUri;
  289. // strip off the script name's dir and file name
  290. list($path, $name) = \Sabre\DAV\URLUtil::splitPath($scriptName);
  291. if (!empty($path)) {
  292. if( $path === $path_info || strpos($path_info, $path.'/') === 0) {
  293. $path_info = substr($path_info, strlen($path));
  294. } else {
  295. throw new Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')");
  296. }
  297. }
  298. if (strpos($path_info, '/'.$name) === 0) {
  299. $path_info = substr($path_info, strlen($name) + 1);
  300. }
  301. if (strpos($path_info, $name) === 0) {
  302. $path_info = substr($path_info, strlen($name));
  303. }
  304. if($path_info === '/'){
  305. return '';
  306. } else {
  307. return $path_info;
  308. }
  309. }
  311. /**
  312. * Check if the requester sent along an mtime
  313. * @return false or an mtime
  314. */
  315. static public function hasModificationTime () {
  316. if (isset($_SERVER['HTTP_X_OC_MTIME'])) {
  317. return $_SERVER['HTTP_X_OC_MTIME'];
  318. } else {
  319. return false;
  320. }
  321. }
  323. /**
  324. * Checks whether the user agent matches a given regex
  325. * @param string|array $agent agent name or array of agent names
  326. * @return boolean true if at least one of the given agent matches,
  327. * false otherwise
  328. */
  329. static public function isUserAgent($agent) {
  330. if (!is_array($agent)) {
  331. $agent = array($agent);
  332. }
  333. foreach ($agent as $regex) {
  334. if (preg_match($regex, $_SERVER['HTTP_USER_AGENT'])) {
  335. return true;
  336. }
  337. }
  338. return false;
  339. }
  340. }