1
0

public.php 2.6 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. require_once __DIR__ . '/lib/versioncheck.php';
  8. use Psr\Log\LoggerInterface;
  9. /**
  10. * @param $service
  11. * @return string
  12. */
  13. function resolveService(string $service): string {
  14. $services = [
  15. 'webdav' => 'dav/appinfo/v1/publicwebdav.php',
  16. 'dav' => 'dav/appinfo/v2/publicremote.php',
  17. ];
  18. if (isset($services[$service])) {
  19. return $services[$service];
  20. }
  21. return \OC::$server->getConfig()->getAppValue('core', 'remote_' . $service);
  22. }
  23. try {
  24. require_once __DIR__ . '/lib/base.php';
  25. // All resources served via the DAV endpoint should have the strictest possible
  26. // policy. Exempted from this is the SabreDAV browser plugin which overwrites
  27. // this policy with a softer one if debug mode is enabled.
  28. header("Content-Security-Policy: default-src 'none';");
  29. if (\OCP\Util::needUpgrade()) {
  30. // since the behavior of apps or remotes are unpredictable during
  31. // an upgrade, return a 503 directly
  32. throw new RemoteException('Service unavailable', 503);
  33. }
  34. $request = \OC::$server->getRequest();
  35. $pathInfo = $request->getPathInfo();
  36. if ($pathInfo === false || $pathInfo === '') {
  37. throw new RemoteException('Path not found', 404);
  38. }
  39. if (!$pos = strpos($pathInfo, '/', 1)) {
  40. $pos = strlen($pathInfo);
  41. }
  42. $service = substr($pathInfo, 1, $pos - 1);
  43. $file = resolveService($service);
  44. if (!$file) {
  45. throw new RemoteException('Path not found', 404);
  46. }
  47. $file = ltrim($file, '/');
  48. $parts = explode('/', $file, 2);
  49. $app = $parts[0];
  50. // Load all required applications
  51. \OC::$REQUESTEDAPP = $app;
  52. OC_App::loadApps(['authentication']);
  53. OC_App::loadApps(['extended_authentication']);
  54. OC_App::loadApps(['filesystem', 'logging']);
  55. if (!\OC::$server->getAppManager()->isInstalled($app)) {
  56. throw new RemoteException('App not installed: ' . $app);
  57. }
  58. OC_App::loadApp($app);
  59. OC_User::setIncognitoMode(true);
  60. $baseuri = OC::$WEBROOT . '/public.php/'.$service.'/';
  61. require_once $file;
  62. } catch (Exception $ex) {
  63. $status = 500;
  64. if ($ex instanceof \OC\ServiceUnavailableException) {
  65. $status = 503;
  66. }
  67. //show the user a detailed error page
  68. \OCP\Server::get(LoggerInterface::class)->error($ex->getMessage(), ['app' => 'public', 'exception' => $ex]);
  69. OC_Template::printExceptionErrorPage($ex, $status);
  70. } catch (Error $ex) {
  71. //show the user a detailed error page
  72. \OCP\Server::get(LoggerInterface::class)->error($ex->getMessage(), ['app' => 'public', 'exception' => $ex]);
  73. OC_Template::printExceptionErrorPage($ex, 500);
  74. }