nextcloud /
server
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | * @param string $stream |
| 133 | 133 | * @see http://www.php.net/manual/en/reserved.variables.php |
| 134 | 134 | */ |
| 135 | - public function __construct(array $vars= [], |
|
| 135 | + public function __construct(array $vars = [], |
|
| 136 | 136 | ISecureRandom $secureRandom = null, |
| 137 | 137 | IConfig $config, |
| 138 | 138 | CsrfTokenManager $csrfTokenManager = null, |
@@ -143,11 +143,11 @@ discard block |
||
| 143 | 143 | $this->config = $config; |
| 144 | 144 | $this->csrfTokenManager = $csrfTokenManager; |
| 145 | 145 | |
| 146 | - if(!array_key_exists('method', $vars)) { |
|
| 146 | + if (!array_key_exists('method', $vars)) { |
|
| 147 | 147 | $vars['method'] = 'GET'; |
| 148 | 148 | } |
| 149 | 149 | |
| 150 | - foreach($this->allowedKeys as $name) { |
|
| 150 | + foreach ($this->allowedKeys as $name) { |
|
| 151 | 151 | $this->items[$name] = isset($vars[$name]) |
| 152 | 152 | ? $vars[$name] |
| 153 | 153 | : []; |
@@ -257,12 +257,12 @@ discard block |
||
| 257 | 257 | * @return mixed|null |
| 258 | 258 | */ |
| 259 | 259 | public function __get($name) { |
| 260 | - switch($name) { |
|
| 260 | + switch ($name) { |
|
| 261 | 261 | case 'put': |
| 262 | 262 | case 'patch': |
| 263 | 263 | case 'get': |
| 264 | 264 | case 'post': |
| 265 | - if($this->method !== strtoupper($name)) { |
|
| 265 | + if ($this->method !== strtoupper($name)) { |
|
| 266 | 266 | throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method)); |
| 267 | 267 | } |
| 268 | 268 | return $this->getContent(); |
@@ -313,9 +313,9 @@ discard block |
||
| 313 | 313 | */ |
| 314 | 314 | public function getHeader(string $name): string { |
| 315 | 315 | |
| 316 | - $name = strtoupper(str_replace('-', '_',$name)); |
|
| 317 | - if (isset($this->server['HTTP_' . $name])) { |
|
| 318 | - return $this->server['HTTP_' . $name]; |
|
| 316 | + $name = strtoupper(str_replace('-', '_', $name)); |
|
| 317 | + if (isset($this->server['HTTP_'.$name])) { |
|
| 318 | + return $this->server['HTTP_'.$name]; |
|
| 319 | 319 | } |
| 320 | 320 | |
| 321 | 321 | // There's a few headers that seem to end up in the top-level |
@@ -445,21 +445,21 @@ discard block |
||
| 445 | 445 | // 'application/json' must be decoded manually. |
| 446 | 446 | if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) { |
| 447 | 447 | $params = json_decode(file_get_contents($this->inputStream), true); |
| 448 | - if($params !== null && \count($params) > 0) { |
|
| 448 | + if ($params !== null && \count($params) > 0) { |
|
| 449 | 449 | $this->items['params'] = $params; |
| 450 | - if($this->method === 'POST') { |
|
| 450 | + if ($this->method === 'POST') { |
|
| 451 | 451 | $this->items['post'] = $params; |
| 452 | 452 | } |
| 453 | 453 | } |
| 454 | 454 | |
| 455 | 455 | // Handle application/x-www-form-urlencoded for methods other than GET |
| 456 | 456 | // or post correctly |
| 457 | - } elseif($this->method !== 'GET' |
|
| 457 | + } elseif ($this->method !== 'GET' |
|
| 458 | 458 | && $this->method !== 'POST' |
| 459 | 459 | && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) { |
| 460 | 460 | |
| 461 | 461 | parse_str(file_get_contents($this->inputStream), $params); |
| 462 | - if(\is_array($params)) { |
|
| 462 | + if (\is_array($params)) { |
|
| 463 | 463 | $this->items['params'] = $params; |
| 464 | 464 | } |
| 465 | 465 | } |
@@ -476,11 +476,11 @@ discard block |
||
| 476 | 476 | * @return bool true if CSRF check passed |
| 477 | 477 | */ |
| 478 | 478 | public function passesCSRFCheck(): bool { |
| 479 | - if($this->csrfTokenManager === null) { |
|
| 479 | + if ($this->csrfTokenManager === null) { |
|
| 480 | 480 | return false; |
| 481 | 481 | } |
| 482 | 482 | |
| 483 | - if(!$this->passesStrictCookieCheck()) { |
|
| 483 | + if (!$this->passesStrictCookieCheck()) { |
|
| 484 | 484 | return false; |
| 485 | 485 | } |
| 486 | 486 | |
@@ -508,7 +508,7 @@ discard block |
||
| 508 | 508 | if ($this->getHeader('OCS-APIREQUEST')) { |
| 509 | 509 | return false; |
| 510 | 510 | } |
| 511 | - if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 511 | + if ($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 512 | 512 | return false; |
| 513 | 513 | } |
| 514 | 514 | |
@@ -533,7 +533,7 @@ discard block |
||
| 533 | 533 | protected function getProtectedCookieName(string $name): string { |
| 534 | 534 | $cookieParams = $this->getCookieParams(); |
| 535 | 535 | $prefix = ''; |
| 536 | - if($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 536 | + if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 537 | 537 | $prefix = '__Host-'; |
| 538 | 538 | } |
| 539 | 539 | |
@@ -548,12 +548,12 @@ discard block |
||
| 548 | 548 | * @since 9.1.0 |
| 549 | 549 | */ |
| 550 | 550 | public function passesStrictCookieCheck(): bool { |
| 551 | - if(!$this->cookieCheckRequired()) { |
|
| 551 | + if (!$this->cookieCheckRequired()) { |
|
| 552 | 552 | return true; |
| 553 | 553 | } |
| 554 | 554 | |
| 555 | 555 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict'); |
| 556 | - if($this->getCookie($cookieName) === 'true' |
|
| 556 | + if ($this->getCookie($cookieName) === 'true' |
|
| 557 | 557 | && $this->passesLaxCookieCheck()) { |
| 558 | 558 | return true; |
| 559 | 559 | } |
@@ -568,12 +568,12 @@ discard block |
||
| 568 | 568 | * @since 9.1.0 |
| 569 | 569 | */ |
| 570 | 570 | public function passesLaxCookieCheck(): bool { |
| 571 | - if(!$this->cookieCheckRequired()) { |
|
| 571 | + if (!$this->cookieCheckRequired()) { |
|
| 572 | 572 | return true; |
| 573 | 573 | } |
| 574 | 574 | |
| 575 | 575 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax'); |
| 576 | - if($this->getCookie($cookieName) === 'true') { |
|
| 576 | + if ($this->getCookie($cookieName) === 'true') { |
|
| 577 | 577 | return true; |
| 578 | 578 | } |
| 579 | 579 | return false; |
@@ -586,12 +586,12 @@ discard block |
||
| 586 | 586 | * @return string |
| 587 | 587 | */ |
| 588 | 588 | public function getId(): string { |
| 589 | - if(isset($this->server['UNIQUE_ID'])) { |
|
| 589 | + if (isset($this->server['UNIQUE_ID'])) { |
|
| 590 | 590 | return $this->server['UNIQUE_ID']; |
| 591 | 591 | } |
| 592 | 592 | |
| 593 | - if(empty($this->requestId)) { |
|
| 594 | - $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; |
|
| 593 | + if (empty($this->requestId)) { |
|
| 594 | + $validChars = ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS; |
|
| 595 | 595 | $this->requestId = $this->secureRandom->generate(20, $validChars); |
| 596 | 596 | } |
| 597 | 597 | |
@@ -647,15 +647,15 @@ discard block |
||
| 647 | 647 | $remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 648 | 648 | $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); |
| 649 | 649 | |
| 650 | - if(\is_array($trustedProxies) && $this->isTrustedProxy($trustedProxies, $remoteAddress)) { |
|
| 650 | + if (\is_array($trustedProxies) && $this->isTrustedProxy($trustedProxies, $remoteAddress)) { |
|
| 651 | 651 | $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [ |
| 652 | 652 | 'HTTP_X_FORWARDED_FOR' |
| 653 | 653 | // only have one default, so we cannot ship an insecure product out of the box |
| 654 | 654 | ]); |
| 655 | 655 | |
| 656 | - foreach($forwardedForHeaders as $header) { |
|
| 657 | - if(isset($this->server[$header])) { |
|
| 658 | - foreach(explode(',', $this->server[$header]) as $IP) { |
|
| 656 | + foreach ($forwardedForHeaders as $header) { |
|
| 657 | + if (isset($this->server[$header])) { |
|
| 658 | + foreach (explode(',', $this->server[$header]) as $IP) { |
|
| 659 | 659 | $IP = trim($IP); |
| 660 | 660 | if (filter_var($IP, FILTER_VALIDATE_IP) !== false) { |
| 661 | 661 | return $IP; |
@@ -674,7 +674,7 @@ discard block |
||
| 674 | 674 | * @return bool |
| 675 | 675 | */ |
| 676 | 676 | private function isOverwriteCondition(string $type = ''): bool { |
| 677 | - $regex = '/' . $this->config->getSystemValue('overwritecondaddr', '') . '/'; |
|
| 677 | + $regex = '/'.$this->config->getSystemValue('overwritecondaddr', '').'/'; |
|
| 678 | 678 | $remoteAddr = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 679 | 679 | return $regex === '//' || preg_match($regex, $remoteAddr) === 1 |
| 680 | 680 | || $type !== 'protocol'; |
@@ -686,7 +686,7 @@ discard block |
||
| 686 | 686 | * @return string Server protocol (http or https) |
| 687 | 687 | */ |
| 688 | 688 | public function getServerProtocol(): string { |
| 689 | - if($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 689 | + if ($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 690 | 690 | && $this->isOverwriteCondition('protocol')) { |
| 691 | 691 | return $this->config->getSystemValue('overwriteprotocol'); |
| 692 | 692 | } |
@@ -732,7 +732,7 @@ discard block |
||
| 732 | 732 | 'HTTP/2', |
| 733 | 733 | ]; |
| 734 | 734 | |
| 735 | - if(\in_array($claimedProtocol, $validProtocols, true)) { |
|
| 735 | + if (\in_array($claimedProtocol, $validProtocols, true)) { |
|
| 736 | 736 | return $claimedProtocol; |
| 737 | 737 | } |
| 738 | 738 | |
@@ -746,8 +746,8 @@ discard block |
||
| 746 | 746 | */ |
| 747 | 747 | public function getRequestUri(): string { |
| 748 | 748 | $uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 749 | - if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 750 | - $uri = $this->getScriptName() . substr($uri, \strlen($this->server['SCRIPT_NAME'])); |
|
| 749 | + if ($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 750 | + $uri = $this->getScriptName().substr($uri, \strlen($this->server['SCRIPT_NAME'])); |
|
| 751 | 751 | } |
| 752 | 752 | return $uri; |
| 753 | 753 | } |
@@ -761,7 +761,7 @@ discard block |
||
| 761 | 761 | $requestUri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 762 | 762 | // remove too many leading slashes - can be caused by reverse proxy configuration |
| 763 | 763 | if (strpos($requestUri, '/') === 0) { |
| 764 | - $requestUri = '/' . ltrim($requestUri, '/'); |
|
| 764 | + $requestUri = '/'.ltrim($requestUri, '/'); |
|
| 765 | 765 | } |
| 766 | 766 | |
| 767 | 767 | $requestUri = preg_replace('%/{2,}%', '/', $requestUri); |
@@ -778,7 +778,7 @@ discard block |
||
| 778 | 778 | // FIXME: Sabre does not really belong here |
| 779 | 779 | list($path, $name) = \Sabre\Uri\split($scriptName); |
| 780 | 780 | if (!empty($path)) { |
| 781 | - if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 781 | + if ($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 782 | 782 | $pathInfo = substr($pathInfo, \strlen($path)); |
| 783 | 783 | } else { |
| 784 | 784 | throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); |
@@ -794,7 +794,7 @@ discard block |
||
| 794 | 794 | if ($name !== '' && strpos($pathInfo, $name) === 0) { |
| 795 | 795 | $pathInfo = substr($pathInfo, \strlen($name)); |
| 796 | 796 | } |
| 797 | - if($pathInfo === false || $pathInfo === '/'){ |
|
| 797 | + if ($pathInfo === false || $pathInfo === '/') { |
|
| 798 | 798 | return ''; |
| 799 | 799 | } else { |
| 800 | 800 | return $pathInfo; |
@@ -812,7 +812,7 @@ discard block |
||
| 812 | 812 | $pathInfo = rawurldecode($pathInfo); |
| 813 | 813 | $encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']); |
| 814 | 814 | |
| 815 | - switch($encoding) { |
|
| 815 | + switch ($encoding) { |
|
| 816 | 816 | case 'ISO-8859-1' : |
| 817 | 817 | $pathInfo = utf8_encode($pathInfo); |
| 818 | 818 | } |
@@ -828,12 +828,12 @@ discard block |
||
| 828 | 828 | */ |
| 829 | 829 | public function getScriptName(): string { |
| 830 | 830 | $name = $this->server['SCRIPT_NAME']; |
| 831 | - $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 831 | + $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 832 | 832 | if ($overwriteWebRoot !== '' && $this->isOverwriteCondition()) { |
| 833 | 833 | // FIXME: This code is untestable due to __DIR__, also that hardcoded path is really dangerous |
| 834 | 834 | $serverRoot = str_replace('\\', '/', substr(__DIR__, 0, -\strlen('lib/private/appframework/http/'))); |
| 835 | 835 | $suburi = str_replace('\\', '/', substr(realpath($this->server['SCRIPT_FILENAME']), \strlen($serverRoot))); |
| 836 | - $name = '/' . ltrim($overwriteWebRoot . $suburi, '/'); |
|
| 836 | + $name = '/'.ltrim($overwriteWebRoot.$suburi, '/'); |
|
| 837 | 837 | } |
| 838 | 838 | return $name; |
| 839 | 839 | } |
@@ -903,7 +903,7 @@ discard block |
||
| 903 | 903 | return $host; |
| 904 | 904 | } else { |
| 905 | 905 | $trustedList = $this->config->getSystemValue('trusted_domains', []); |
| 906 | - if(!empty($trustedList)) { |
|
| 906 | + if (!empty($trustedList)) { |
|
| 907 | 907 | return $trustedList[0]; |
| 908 | 908 | } else { |
| 909 | 909 | return ''; |
@@ -918,7 +918,7 @@ discard block |
||
| 918 | 918 | * isn't met |
| 919 | 919 | */ |
| 920 | 920 | private function getOverwriteHost() { |
| 921 | - if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 921 | + if ($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 922 | 922 | return $this->config->getSystemValue('overwritehost'); |
| 923 | 923 | } |
| 924 | 924 | return null; |
