TrustedDomainHelper.php 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2016, ownCloud, Inc.
  5. *
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author J0WI <J0WI@users.noreply.github.com>
  8. * @author Johannes Ernst <jernst@indiecomputing.com>
  9. * @author Julius Härtl <jus@bitgrid.net>
  10. * @author Lukas Reschke <lukas@statuscode.ch>
  11. * @author Roeland Jago Douma <roeland@famdouma.nl>
  12. *
  13. * @license AGPL-3.0
  14. *
  15. * This code is free software: you can redistribute it and/or modify
  16. * it under the terms of the GNU Affero General Public License, version 3,
  17. * as published by the Free Software Foundation.
  18. *
  19. * This program is distributed in the hope that it will be useful,
  20. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  22. * GNU Affero General Public License for more details.
  23. *
  24. * You should have received a copy of the GNU Affero General Public License, version 3,
  25. * along with this program. If not, see <http://www.gnu.org/licenses/>
  26. *
  27. */
  28. namespace OC\Security;
  29. use OC\AppFramework\Http\Request;
  30. use OCP\IConfig;
  31. use OCP\Security\ITrustedDomainHelper;
  32. class TrustedDomainHelper implements ITrustedDomainHelper {
  33. public function __construct(
  34. private IConfig $config,
  35. ) {
  36. }
  37. /**
  38. * Strips a potential port from a domain (in format domain:port)
  39. * @return string $host without appended port
  40. */
  41. private function getDomainWithoutPort(string $host): string {
  42. $pos = strrpos($host, ':');
  43. if ($pos !== false) {
  44. $port = substr($host, $pos + 1);
  45. if (is_numeric($port)) {
  46. $host = substr($host, 0, $pos);
  47. }
  48. }
  49. return $host;
  50. }
  51. /**
  52. * {@inheritDoc}
  53. */
  54. public function isTrustedUrl(string $url): bool {
  55. $parsedUrl = parse_url($url);
  56. if (empty($parsedUrl['host'])) {
  57. return false;
  58. }
  59. if (isset($parsedUrl['port']) && $parsedUrl['port']) {
  60. return $this->isTrustedDomain($parsedUrl['host'] . ':' . $parsedUrl['port']);
  61. }
  62. return $this->isTrustedDomain($parsedUrl['host']);
  63. }
  64. /**
  65. * {@inheritDoc}
  66. */
  67. public function isTrustedDomain(string $domainWithPort): bool {
  68. // overwritehost is always trusted
  69. if ($this->config->getSystemValue('overwritehost') !== '') {
  70. return true;
  71. }
  72. $domain = $this->getDomainWithoutPort($domainWithPort);
  73. // Read trusted domains from config
  74. $trustedList = $this->config->getSystemValue('trusted_domains', []);
  75. if (!is_array($trustedList)) {
  76. return false;
  77. }
  78. // Always allow access from localhost
  79. if (preg_match(Request::REGEX_LOCALHOST, $domain) === 1) {
  80. return true;
  81. }
  82. // Reject malformed domains in any case
  83. if (str_starts_with($domain, '-') || str_contains($domain, '..')) {
  84. return false;
  85. }
  86. // Match, allowing for * wildcards
  87. foreach ($trustedList as $trusted) {
  88. if (gettype($trusted) !== 'string') {
  89. break;
  90. }
  91. $regex = '/^' . implode('[-\.a-zA-Z0-9]*', array_map(function ($v) {
  92. return preg_quote($v, '/');
  93. }, explode('*', $trusted))) . '$/i';
  94. if (preg_match($regex, $domain) || preg_match($regex, $domainWithPort)) {
  95. return true;
  96. }
  97. }
  98. return false;
  99. }
  100. }