diff options
| author | VicDeo <dubiniuk@owncloud.com> | 2016-09-08 22:54:14 +0300 |
|---|---|---|
| committer | Victor Dubiniuk <victor.dubiniuk@gmail.com> | 2016-10-04 19:02:04 +0300 |
| commit | 82cd86a2079c515df5889648c828c29e51424dab (patch) | |
| tree | 20755c0a216a002157d25ab0dc045c5e5cacdedb /core | |
| parent | 8b20b12584bb49b46913ffb9ed273c15b245cc27 (diff) | |
Allow one more origin. Log the reason of occ controller failure (#26031)
* Log the reason of occ controller failure
* Allow requests from SERVER_ADDR
Diffstat (limited to 'core')
| -rw-r--r-- | core/Controller/OccController.php | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/core/Controller/OccController.php b/core/Controller/OccController.php index 917d02f37f1..0d63c131789 100644 --- a/core/Controller/OccController.php +++ b/core/Controller/OccController.php @@ -26,6 +26,7 @@ use OCP\AppFramework\Http\JSONResponse; use OC\Console\Application; use OCP\IConfig; use OCP\IRequest; +use OCP\ILogger; use Symfony\Component\Console\Input\ArrayInput; use Symfony\Component\Console\Output\BufferedOutput; @@ -48,6 +49,8 @@ class OccController extends Controller { private $config; /** @var Application */ private $console; + /** @var ILogger */ + private $logger; /** * OccController constructor. @@ -56,12 +59,14 @@ class OccController extends Controller { * @param IRequest $request * @param IConfig $config * @param Application $console + * @param ILogger $logger */ public function __construct($appName, IRequest $request, - IConfig $config, Application $console) { + IConfig $config, Application $console, ILogger $logger) { parent::__construct($appName, $request); $this->config = $config; $this->console = $console; + $this->logger = $logger; } /** @@ -108,6 +113,13 @@ class OccController extends Controller { ]; } catch (\UnexpectedValueException $e){ + $this->logger->warning( + 'Invalid request to occ controller. Details: "{details}"', + [ + 'app' => 'core', + 'details' => $e->getMessage() + ] + ); $json = [ 'exitCode' => 126, 'response' => 'Not allowed', @@ -123,8 +135,13 @@ class OccController extends Controller { * @param $token */ protected function validateRequest($command, $token){ - if (!in_array($this->request->getRemoteAddress(), ['::1', '127.0.0.1', 'localhost'])) { - throw new \UnexpectedValueException('Web executor is not allowed to run from a different host'); + $allowedHosts = ['::1', '127.0.0.1', 'localhost']; + if (isset($this->request->server['SERVER_ADDR'])){ + array_push($allowedHosts, $this->request->server['SERVER_ADDR']); + } + + if (!in_array($this->request->getRemoteAddress(), $allowedHosts)) { + throw new \UnexpectedValueException('Web executor is not allowed to run from a host ' . $this->request->getRemoteAddress()); } if (!in_array($command, $this->allowedCommands)) { |