diff options
| author | Vincent Petry <pvince81@owncloud.com> | 2016-06-09 12:59:42 +0300 |
|---|---|---|
| committer | Vincent Petry <pvince81@owncloud.com> | 2016-06-09 12:59:42 +0300 |
| commit | eb34e95fd3525630fba8bb56c2e700a40582cb5d (patch) | |
| tree | 003937ac0877ccd94f104e9c188d306c4acf2784 /lib | |
| parent | 7f3f06cdd9f6ae8c27a96bd5bfd81482c404c511 (diff) | |
Use temporary htaccesstest.txt for data dir security check
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/util.php | 37 |
1 files changed, 24 insertions, 13 deletions
diff --git a/lib/private/util.php b/lib/private/util.php index 488eb8facfd..e4d1ebabc7b 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -1160,19 +1160,8 @@ class OC_Util { return $encoded; } - /** - * Check if the .htaccess file is working - * @param \OCP\IConfig $config - * @return bool - * @throws Exception - * @throws \OC\HintException If the test file can't get written. - */ - public function isHtaccessWorking(\OCP\IConfig $config) { - - if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) { - return true; - } + public function createHtaccessTestFile(\OCP\IConfig $config) { // php dev server does not support htaccess if (php_sapi_name() === 'cli-server') { return false; @@ -1180,7 +1169,7 @@ class OC_Util { // testdata $fileName = '/htaccesstest.txt'; - $testContent = 'testcontent'; + $testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.'; // creating a test file $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName; @@ -1196,6 +1185,28 @@ class OC_Util { } fwrite($fp, $testContent); fclose($fp); + } + + /** + * Check if the .htaccess file is working + * @param \OCP\IConfig $config + * @return bool + * @throws Exception + * @throws \OC\HintException If the test file can't get written. + */ + public function isHtaccessWorking(\OCP\IConfig $config) { + + if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) { + return true; + } + + $testContent = $this->createHtaccessTestFile($config); + if ($testContent === false) { + return false; + } + + $fileName = '/htaccesstest.txt'; + $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName; // accessing the file via http $url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName); |