diff options
| author | Florian Hülsmann <fh@cbix.de> | 2012-05-07 13:15:24 +0400 |
|---|---|---|
| committer | Florian Hülsmann <fh@cbix.de> | 2012-05-07 13:15:24 +0400 |
| commit | 8534373f2fea5268112fb7dee0faa2caf1106d05 (patch) | |
| tree | 1f7266f135e5fca13691c746ae948a3d9b1351fd /apps | |
| parent | 3a184e2e1d7ae49d596e06b724ffc36382d02596 (diff) | |
better invalid webfinger URI handling
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/remoteStorage/appinfo/webfinger.php | 2 | ||||
| -rwxr-xr-x | apps/user_webfinger/webfinger.php | 4 |
2 files changed, 6 insertions, 0 deletions
diff --git a/apps/remoteStorage/appinfo/webfinger.php b/apps/remoteStorage/appinfo/webfinger.php index 7c0ab846057..6403d3a6916 100644 --- a/apps/remoteStorage/appinfo/webfinger.php +++ b/apps/remoteStorage/appinfo/webfinger.php @@ -1,6 +1,8 @@ +<?php if(OC_User::userExists(WF_USER)) { ?> <Link rel="remoteStorage" template="<?php echo WF_BASEURL; ?>/apps/remoteStorage/WebDAV.php/<?php echo WF_USER; ?>/remoteStorage/{category}/" api="WebDAV" auth="<?php echo WF_BASEURL; ?>/apps/remoteStorage/auth.php/<?php echo WF_USER; ?>"> </Link> +<?php } ?> diff --git a/apps/user_webfinger/webfinger.php b/apps/user_webfinger/webfinger.php index bb7bb68f776..307a1630019 100755 --- a/apps/user_webfinger/webfinger.php +++ b/apps/user_webfinger/webfinger.php @@ -51,12 +51,16 @@ if(isset($_SERVER['HTTPS'])) { $baseAddress = 'http://'; } $baseAddress .= $_SERVER['SERVER_NAME'].OC::$WEBROOT; +if(empty($id)) { + header("HTTP/1.0 400 Bad Request"); +} define('WF_USER', $userName); define('WF_ID', $id); define('WF_BASEURL', $baseAddress); echo "<"; ?> ?xml version="1.0" encoding="UTF-8"?> +<?php if(empty($id)) echo '<!-- Invalid URI: ' . str_replace('>', '/>', $request) . " -->\n"; ?> <XRD xmlns="http://docs.oasis-open.org/ns/xri/xrd-1.0" xmlns:hm="http://host-meta.net/xrd/1.0"> <hm:Host xmlns="http://host-meta.net/xrd/1.0"><?php echo $_SERVER['SERVER_NAME']; ?></hm:Host> <Subject>acct:<?php echo $id ?></Subject> |