Inicio Explorar Axuda
Iniciar sesión
RISCI_ATOM
/
nextcloud-server
réplica de https://github.com/nextcloud/server.git
1
0
Fork 0
Ficheiros Incidencias 23 Wiki
Explorar o código

Merge pull request #17431 from johkoenig/bugfix/17377/trusted_domain_helper_case_insensitive

make TrustedDomainHelper case insensitive
Roeland Jago Douma %!s(int64=4) %!d(string=hai) anos
pai
f2d44b87bb 2df8d646c1
achega
075a0b24d5
Modificáronse 2 ficheiros con 6 adicións e 1 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 1 1
      lib/private/Security/TrustedDomainHelper.php
  2. 5 0
      tests/lib/Security/TrustedDomainHelperTest.php

+ 1 - 1
lib/private/Security/TrustedDomainHelper.php
Ver ficheiro 

@@ -90,7 +90,7 @@ class TrustedDomainHelper {
 
 			if (gettype($trusted) !== 'string') {
 
 				break;
 
 			}
 
-			$regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function($v) { return preg_quote($v, '/'); }, explode('*', $trusted))) . '$/';
 
+			$regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function($v) { return preg_quote($v, '/'); }, explode('*', $trusted))) . '$/i';
 
 			if (preg_match($regex, $domain) || preg_match($regex, $domainWithPort)) {
 
  				return true;
 
  			}

+ 5 - 0
tests/lib/Security/TrustedDomainHelperTest.php
Ver ficheiro 

@@ -54,6 +54,8 @@ class TrustedDomainHelperTest extends \Test\TestCase {
 
 			'cen*ter',
 
 			'*.leadingwith.port:123',
 
 			'trailingwith.port*:456',
 
+			'UPPERCASE.DOMAIN',
 
+			'lowercase.domain',
 
 		];
 
 		return [
 
 			// empty defaults to false with 8.1
 
@@ -106,6 +108,9 @@ class TrustedDomainHelperTest extends \Test\TestCase {
 
 			[$trustedHostTestList, '-bad', false],
 
 			[$trustedHostTestList, '-bad.leading.host', false],
 
 			[$trustedHostTestList, 'bad..der.leading.host', false],
 
+			// case sensitivity
 
+			[$trustedHostTestList, 'uppercase.domain', true],
 
+			[$trustedHostTestList, 'LOWERCASE.DOMAIN', true],
 
 		];
 
 	}
 
 }