sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Extract Auth Header logic into new function handleAuthHeaders().

remotes/origin/fix-10825
Andreas Fischer 2014-07-19 02:16:28 +07:00
parent fafed17c60
commit bfd59bddf4
1 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
lib/base.php
Unescape Escape View File

@ -472,26 +472,7 @@ class OC {
@ini_set('post_max_size', '10G');
@ini_set('file_uploads', '50');
//copy http auth headers for apache+php-fcgid work around
if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
}
// Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
$httpAuthHeaderServerVars = array(
'HTTP_AUTHORIZATION', // apache+php-cgi work around
'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
);
foreach ($httpAuthHeaderServerVars as $httpAuthHeaderServerVar) {
if (isset($_SERVER[$httpAuthHeaderServerVar])
&& preg_match('/Basic\s+(.*)$/i', $_SERVER[$httpAuthHeaderServerVar], $matches)
) {
list($name, $password) = explode(':', base64_decode($matches[1]), 2);
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
break;
}
}
self::handleAuthHeaders();
self::initPaths();
if (OC_Config::getValue('instanceid', false)) {
@ -812,6 +793,27 @@ class OC {
return false;
}
protected static function handleAuthHeaders() {
//copy http auth headers for apache+php-fcgid work around
if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
}
// Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
$vars = array(
'HTTP_AUTHORIZATION', // apache+php-cgi work around
'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
);
foreach ($vars as $var) {
if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
list($name, $password) = explode(':', base64_decode($matches[1]), 2);
$_SERVER['PHP_AUTH_USER'] = strip_tags($name);
$_SERVER['PHP_AUTH_PW'] = strip_tags($password);
break;
}
}
}
protected static function handleLogin() {
OC_App::loadApps(array('prelogin'));
$error = array();