nextcloud /
server
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | * @param string $stream |
| 133 | 133 | * @see http://www.php.net/manual/en/reserved.variables.php |
| 134 | 134 | */ |
| 135 | - public function __construct(array $vars= [], |
|
| 135 | + public function __construct(array $vars = [], |
|
| 136 | 136 | ISecureRandom $secureRandom = null, |
| 137 | 137 | IConfig $config, |
| 138 | 138 | CsrfTokenManager $csrfTokenManager = null, |
@@ -143,11 +143,11 @@ discard block |
||
| 143 | 143 | $this->config = $config; |
| 144 | 144 | $this->csrfTokenManager = $csrfTokenManager; |
| 145 | 145 | |
| 146 | - if(!array_key_exists('method', $vars)) { |
|
| 146 | + if (!array_key_exists('method', $vars)) { |
|
| 147 | 147 | $vars['method'] = 'GET'; |
| 148 | 148 | } |
| 149 | 149 | |
| 150 | - foreach($this->allowedKeys as $name) { |
|
| 150 | + foreach ($this->allowedKeys as $name) { |
|
| 151 | 151 | $this->items[$name] = isset($vars[$name]) |
| 152 | 152 | ? $vars[$name] |
| 153 | 153 | : []; |
@@ -257,12 +257,12 @@ discard block |
||
| 257 | 257 | * @return mixed|null |
| 258 | 258 | */ |
| 259 | 259 | public function __get($name) { |
| 260 | - switch($name) { |
|
| 260 | + switch ($name) { |
|
| 261 | 261 | case 'put': |
| 262 | 262 | case 'patch': |
| 263 | 263 | case 'get': |
| 264 | 264 | case 'post': |
| 265 | - if($this->method !== strtoupper($name)) { |
|
| 265 | + if ($this->method !== strtoupper($name)) { |
|
| 266 | 266 | throw new \LogicException(sprintf('%s cannot be accessed in a %s request.', $name, $this->method)); |
| 267 | 267 | } |
| 268 | 268 | return $this->getContent(); |
@@ -313,9 +313,9 @@ discard block |
||
| 313 | 313 | */ |
| 314 | 314 | public function getHeader(string $name): string { |
| 315 | 315 | |
| 316 | - $name = strtoupper(str_replace('-', '_',$name)); |
|
| 317 | - if (isset($this->server['HTTP_' . $name])) { |
|
| 318 | - return $this->server['HTTP_' . $name]; |
|
| 316 | + $name = strtoupper(str_replace('-', '_', $name)); |
|
| 317 | + if (isset($this->server['HTTP_'.$name])) { |
|
| 318 | + return $this->server['HTTP_'.$name]; |
|
| 319 | 319 | } |
| 320 | 320 | |
| 321 | 321 | // There's a few headers that seem to end up in the top-level |
@@ -445,21 +445,21 @@ discard block |
||
| 445 | 445 | // 'application/json' must be decoded manually. |
| 446 | 446 | if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) { |
| 447 | 447 | $params = json_decode(file_get_contents($this->inputStream), true); |
| 448 | - if($params !== null && \count($params) > 0) { |
|
| 448 | + if ($params !== null && \count($params) > 0) { |
|
| 449 | 449 | $this->items['params'] = $params; |
| 450 | - if($this->method === 'POST') { |
|
| 450 | + if ($this->method === 'POST') { |
|
| 451 | 451 | $this->items['post'] = $params; |
| 452 | 452 | } |
| 453 | 453 | } |
| 454 | 454 | |
| 455 | 455 | // Handle application/x-www-form-urlencoded for methods other than GET |
| 456 | 456 | // or post correctly |
| 457 | - } elseif($this->method !== 'GET' |
|
| 457 | + } elseif ($this->method !== 'GET' |
|
| 458 | 458 | && $this->method !== 'POST' |
| 459 | 459 | && strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) { |
| 460 | 460 | |
| 461 | 461 | parse_str(file_get_contents($this->inputStream), $params); |
| 462 | - if(\is_array($params)) { |
|
| 462 | + if (\is_array($params)) { |
|
| 463 | 463 | $this->items['params'] = $params; |
| 464 | 464 | } |
| 465 | 465 | } |
@@ -476,11 +476,11 @@ discard block |
||
| 476 | 476 | * @return bool true if CSRF check passed |
| 477 | 477 | */ |
| 478 | 478 | public function passesCSRFCheck(): bool { |
| 479 | - if($this->csrfTokenManager === null) { |
|
| 479 | + if ($this->csrfTokenManager === null) { |
|
| 480 | 480 | return false; |
| 481 | 481 | } |
| 482 | 482 | |
| 483 | - if(!$this->passesStrictCookieCheck()) { |
|
| 483 | + if (!$this->passesStrictCookieCheck()) { |
|
| 484 | 484 | return false; |
| 485 | 485 | } |
| 486 | 486 | |
@@ -508,7 +508,7 @@ discard block |
||
| 508 | 508 | if ($this->getHeader('OCS-APIREQUEST')) { |
| 509 | 509 | return false; |
| 510 | 510 | } |
| 511 | - if($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 511 | + if ($this->getCookie(session_name()) === null && $this->getCookie('nc_token') === null) { |
|
| 512 | 512 | return false; |
| 513 | 513 | } |
| 514 | 514 | |
@@ -533,7 +533,7 @@ discard block |
||
| 533 | 533 | protected function getProtectedCookieName(string $name): string { |
| 534 | 534 | $cookieParams = $this->getCookieParams(); |
| 535 | 535 | $prefix = ''; |
| 536 | - if($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 536 | + if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') { |
|
| 537 | 537 | $prefix = '__Host-'; |
| 538 | 538 | } |
| 539 | 539 | |
@@ -548,12 +548,12 @@ discard block |
||
| 548 | 548 | * @since 9.1.0 |
| 549 | 549 | */ |
| 550 | 550 | public function passesStrictCookieCheck(): bool { |
| 551 | - if(!$this->cookieCheckRequired()) { |
|
| 551 | + if (!$this->cookieCheckRequired()) { |
|
| 552 | 552 | return true; |
| 553 | 553 | } |
| 554 | 554 | |
| 555 | 555 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookiestrict'); |
| 556 | - if($this->getCookie($cookieName) === 'true' |
|
| 556 | + if ($this->getCookie($cookieName) === 'true' |
|
| 557 | 557 | && $this->passesLaxCookieCheck()) { |
| 558 | 558 | return true; |
| 559 | 559 | } |
@@ -568,12 +568,12 @@ discard block |
||
| 568 | 568 | * @since 9.1.0 |
| 569 | 569 | */ |
| 570 | 570 | public function passesLaxCookieCheck(): bool { |
| 571 | - if(!$this->cookieCheckRequired()) { |
|
| 571 | + if (!$this->cookieCheckRequired()) { |
|
| 572 | 572 | return true; |
| 573 | 573 | } |
| 574 | 574 | |
| 575 | 575 | $cookieName = $this->getProtectedCookieName('nc_sameSiteCookielax'); |
| 576 | - if($this->getCookie($cookieName) === 'true') { |
|
| 576 | + if ($this->getCookie($cookieName) === 'true') { |
|
| 577 | 577 | return true; |
| 578 | 578 | } |
| 579 | 579 | return false; |
@@ -586,12 +586,12 @@ discard block |
||
| 586 | 586 | * @return string |
| 587 | 587 | */ |
| 588 | 588 | public function getId(): string { |
| 589 | - if(isset($this->server['UNIQUE_ID'])) { |
|
| 589 | + if (isset($this->server['UNIQUE_ID'])) { |
|
| 590 | 590 | return $this->server['UNIQUE_ID']; |
| 591 | 591 | } |
| 592 | 592 | |
| 593 | - if(empty($this->requestId)) { |
|
| 594 | - $validChars = ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS; |
|
| 593 | + if (empty($this->requestId)) { |
|
| 594 | + $validChars = ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS; |
|
| 595 | 595 | $this->requestId = $this->secureRandom->generate(20, $validChars); |
| 596 | 596 | } |
| 597 | 597 | |
@@ -609,15 +609,15 @@ discard block |
||
| 609 | 609 | $remoteAddress = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 610 | 610 | $trustedProxies = $this->config->getSystemValue('trusted_proxies', []); |
| 611 | 611 | |
| 612 | - if(\is_array($trustedProxies) && \in_array($remoteAddress, $trustedProxies)) { |
|
| 612 | + if (\is_array($trustedProxies) && \in_array($remoteAddress, $trustedProxies)) { |
|
| 613 | 613 | $forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [ |
| 614 | 614 | 'HTTP_X_FORWARDED_FOR' |
| 615 | 615 | // only have one default, so we cannot ship an insecure product out of the box |
| 616 | 616 | ]); |
| 617 | 617 | |
| 618 | - foreach($forwardedForHeaders as $header) { |
|
| 619 | - if(isset($this->server[$header])) { |
|
| 620 | - foreach(explode(',', $this->server[$header]) as $IP) { |
|
| 618 | + foreach ($forwardedForHeaders as $header) { |
|
| 619 | + if (isset($this->server[$header])) { |
|
| 620 | + foreach (explode(',', $this->server[$header]) as $IP) { |
|
| 621 | 621 | $IP = trim($IP); |
| 622 | 622 | if (filter_var($IP, FILTER_VALIDATE_IP) !== false) { |
| 623 | 623 | return $IP; |
@@ -636,7 +636,7 @@ discard block |
||
| 636 | 636 | * @return bool |
| 637 | 637 | */ |
| 638 | 638 | private function isOverwriteCondition(string $type = ''): bool { |
| 639 | - $regex = '/' . $this->config->getSystemValue('overwritecondaddr', '') . '/'; |
|
| 639 | + $regex = '/'.$this->config->getSystemValue('overwritecondaddr', '').'/'; |
|
| 640 | 640 | $remoteAddr = isset($this->server['REMOTE_ADDR']) ? $this->server['REMOTE_ADDR'] : ''; |
| 641 | 641 | return $regex === '//' || preg_match($regex, $remoteAddr) === 1 |
| 642 | 642 | || $type !== 'protocol'; |
@@ -648,7 +648,7 @@ discard block |
||
| 648 | 648 | * @return string Server protocol (http or https) |
| 649 | 649 | */ |
| 650 | 650 | public function getServerProtocol(): string { |
| 651 | - if($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 651 | + if ($this->config->getSystemValue('overwriteprotocol') !== '' |
|
| 652 | 652 | && $this->isOverwriteCondition('protocol')) { |
| 653 | 653 | return $this->config->getSystemValue('overwriteprotocol'); |
| 654 | 654 | } |
@@ -694,7 +694,7 @@ discard block |
||
| 694 | 694 | 'HTTP/2', |
| 695 | 695 | ]; |
| 696 | 696 | |
| 697 | - if(\in_array($claimedProtocol, $validProtocols, true)) { |
|
| 697 | + if (\in_array($claimedProtocol, $validProtocols, true)) { |
|
| 698 | 698 | return $claimedProtocol; |
| 699 | 699 | } |
| 700 | 700 | |
@@ -708,8 +708,8 @@ discard block |
||
| 708 | 708 | */ |
| 709 | 709 | public function getRequestUri(): string { |
| 710 | 710 | $uri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 711 | - if($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 712 | - $uri = $this->getScriptName() . substr($uri, \strlen($this->server['SCRIPT_NAME'])); |
|
| 711 | + if ($this->config->getSystemValue('overwritewebroot') !== '' && $this->isOverwriteCondition()) { |
|
| 712 | + $uri = $this->getScriptName().substr($uri, \strlen($this->server['SCRIPT_NAME'])); |
|
| 713 | 713 | } |
| 714 | 714 | return $uri; |
| 715 | 715 | } |
@@ -723,7 +723,7 @@ discard block |
||
| 723 | 723 | $requestUri = isset($this->server['REQUEST_URI']) ? $this->server['REQUEST_URI'] : ''; |
| 724 | 724 | // remove too many leading slashes - can be caused by reverse proxy configuration |
| 725 | 725 | if (strpos($requestUri, '/') === 0) { |
| 726 | - $requestUri = '/' . ltrim($requestUri, '/'); |
|
| 726 | + $requestUri = '/'.ltrim($requestUri, '/'); |
|
| 727 | 727 | } |
| 728 | 728 | |
| 729 | 729 | $requestUri = preg_replace('%/{2,}%', '/', $requestUri); |
@@ -740,7 +740,7 @@ discard block |
||
| 740 | 740 | // FIXME: Sabre does not really belong here |
| 741 | 741 | list($path, $name) = \Sabre\Uri\split($scriptName); |
| 742 | 742 | if (!empty($path)) { |
| 743 | - if($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 743 | + if ($path === $pathInfo || strpos($pathInfo, $path.'/') === 0) { |
|
| 744 | 744 | $pathInfo = substr($pathInfo, \strlen($path)); |
| 745 | 745 | } else { |
| 746 | 746 | throw new \Exception("The requested uri($requestUri) cannot be processed by the script '$scriptName')"); |
@@ -756,7 +756,7 @@ discard block |
||
| 756 | 756 | if ($name !== '' && strpos($pathInfo, $name) === 0) { |
| 757 | 757 | $pathInfo = substr($pathInfo, \strlen($name)); |
| 758 | 758 | } |
| 759 | - if($pathInfo === false || $pathInfo === '/'){ |
|
| 759 | + if ($pathInfo === false || $pathInfo === '/') { |
|
| 760 | 760 | return ''; |
| 761 | 761 | } else { |
| 762 | 762 | return $pathInfo; |
@@ -774,7 +774,7 @@ discard block |
||
| 774 | 774 | $pathInfo = rawurldecode($pathInfo); |
| 775 | 775 | $encoding = mb_detect_encoding($pathInfo, ['UTF-8', 'ISO-8859-1']); |
| 776 | 776 | |
| 777 | - switch($encoding) { |
|
| 777 | + switch ($encoding) { |
|
| 778 | 778 | case 'ISO-8859-1' : |
| 779 | 779 | $pathInfo = utf8_encode($pathInfo); |
| 780 | 780 | } |
@@ -790,12 +790,12 @@ discard block |
||
| 790 | 790 | */ |
| 791 | 791 | public function getScriptName(): string { |
| 792 | 792 | $name = $this->server['SCRIPT_NAME']; |
| 793 | - $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 793 | + $overwriteWebRoot = $this->config->getSystemValue('overwritewebroot'); |
|
| 794 | 794 | if ($overwriteWebRoot !== '' && $this->isOverwriteCondition()) { |
| 795 | 795 | // FIXME: This code is untestable due to __DIR__, also that hardcoded path is really dangerous |
| 796 | 796 | $serverRoot = str_replace('\\', '/', substr(__DIR__, 0, -\strlen('lib/private/appframework/http/'))); |
| 797 | 797 | $suburi = str_replace('\\', '/', substr(realpath($this->server['SCRIPT_FILENAME']), \strlen($serverRoot))); |
| 798 | - $name = '/' . ltrim($overwriteWebRoot . $suburi, '/'); |
|
| 798 | + $name = '/'.ltrim($overwriteWebRoot.$suburi, '/'); |
|
| 799 | 799 | } |
| 800 | 800 | return $name; |
| 801 | 801 | } |
@@ -865,7 +865,7 @@ discard block |
||
| 865 | 865 | return $host; |
| 866 | 866 | } else { |
| 867 | 867 | $trustedList = $this->config->getSystemValue('trusted_domains', []); |
| 868 | - if(!empty($trustedList)) { |
|
| 868 | + if (!empty($trustedList)) { |
|
| 869 | 869 | return $trustedList[0]; |
| 870 | 870 | } else { |
| 871 | 871 | return ''; |
@@ -880,7 +880,7 @@ discard block |
||
| 880 | 880 | * isn't met |
| 881 | 881 | */ |
| 882 | 882 | private function getOverwriteHost() { |
| 883 | - if($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 883 | + if ($this->config->getSystemValue('overwritehost') !== '' && $this->isOverwriteCondition()) { |
|
| 884 | 884 | return $this->config->getSystemValue('overwritehost'); |
| 885 | 885 | } |
| 886 | 886 | return null; |
