1
0

public.php 2.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. require_once __DIR__ . '/lib/versioncheck.php';
  8. use Psr\Log\LoggerInterface;
  9. /**
  10. * @param $service
  11. * @return string
  12. */
  13. function resolveService(string $service): string {
  14. $services = [
  15. 'webdav' => 'dav/appinfo/v1/publicwebdav.php',
  16. 'dav' => 'dav/appinfo/v2/publicremote.php',
  17. ];
  18. if (isset($services[$service])) {
  19. return $services[$service];
  20. }
  21. return \OC::$server->getConfig()->getAppValue('core', 'remote_' . $service);
  22. }
  23. try {
  24. require_once __DIR__ . '/lib/base.php';
  25. // All resources served via the DAV endpoint should have the strictest possible
  26. // policy. Exempted from this is the SabreDAV browser plugin which overwrites
  27. // this policy with a softer one if debug mode is enabled.
  28. header("Content-Security-Policy: default-src 'none';");
  29. // Check if Nextcloud is in maintenance mode
  30. if (\OCP\Util::needUpgrade()) {
  31. // since the behavior of apps or remotes are unpredictable during
  32. // an upgrade, return a 503 directly
  33. throw new \Exception('Service unavailable', 503);
  34. }
  35. $request = \OC::$server->getRequest();
  36. $pathInfo = $request->getPathInfo();
  37. if ($pathInfo === false || $pathInfo === '') {
  38. throw new \Exception('Path not found', 404);
  39. }
  40. // Extract the service from the path
  41. if (!$pos = strpos($pathInfo, '/', 1)) {
  42. $pos = strlen($pathInfo);
  43. }
  44. $service = substr($pathInfo, 1, $pos - 1);
  45. // Resolve the service to a file
  46. $file = resolveService($service);
  47. if (!$file) {
  48. throw new \Exception('Path not found', 404);
  49. }
  50. // Extract the app from the service file
  51. $file = ltrim($file, '/');
  52. $parts = explode('/', $file, 2);
  53. $app = $parts[0];
  54. // Load all required applications
  55. \OC::$REQUESTEDAPP = $app;
  56. OC_App::loadApps(['authentication']);
  57. OC_App::loadApps(['extended_authentication']);
  58. OC_App::loadApps(['filesystem', 'logging']);
  59. // Check if the app is enabled
  60. if (!\OC::$server->getAppManager()->isInstalled($app)) {
  61. throw new \Exception('App not installed: ' . $app);
  62. }
  63. // Load the app
  64. OC_App::loadApp($app);
  65. OC_User::setIncognitoMode(true);
  66. $baseuri = OC::$WEBROOT . '/public.php/'.$service.'/';
  67. require_once $file;
  68. } catch (Exception $ex) {
  69. $status = 500;
  70. if ($ex instanceof \OC\ServiceUnavailableException) {
  71. $status = 503;
  72. }
  73. //show the user a detailed error page
  74. \OCP\Server::get(LoggerInterface::class)->error($ex->getMessage(), ['app' => 'public', 'exception' => $ex]);
  75. OC_Template::printExceptionErrorPage($ex, $status);
  76. } catch (Error $ex) {
  77. //show the user a detailed error page
  78. \OCP\Server::get(LoggerInterface::class)->error($ex->getMessage(), ['app' => 'public', 'exception' => $ex]);
  79. OC_Template::printExceptionErrorPage($ex, 500);
  80. }