Skip to content

Commit 2dada90

Browse files
ylebrePotherca
ylebre
authored and
Potherca
committed
use request scheme from the server params to allow http and https
1 parent 3706ac5 commit 2dada90

4 files changed

Lines changed: 42 additions & 26 deletions

File tree

solid/lib/Controller/CalendarController.php

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ public function __construct(
5050

5151
private function getFileSystem($userId) {
5252
// Make sure the root folder has an acl file, as is required by the spec;
53-
// Generate a default file granting the owner full access.
53+
// Generate a default file granting the owner full access.
5454
$defaultAcl = $this->generateDefaultAcl($userId);
5555

5656
// Create the Nextcloud Calendar Adapter
@@ -61,7 +61,11 @@ private function getFileSystem($userId) {
6161
// Create Formats objects
6262
$formats = new \Pdsinterop\Rdf\Formats();
6363

64-
$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
64+
$serverParams = $this->rawRequest->getServerParams();
65+
$scheme = $serverParams['REQUEST_SCHEME'];
66+
$domain = $serverParams['SERVER_NAME'];
67+
$path = $serverParams['REQUEST_URI'];
68+
$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
6569

6670
// Create the RDF Adapter
6771
$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -122,8 +126,8 @@ private function getCalendarUrl($userId) {
122126
* @NoCSRFRequired
123127
*/
124128
public function handleRequest($userId, $path) {
125-
$this->calendarUserId = $userId;
126-
129+
$this->calendarUserId = $userId;
130+
127131
$this->rawRequest = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
128132
$this->response = new \Laminas\Diactoros\Response();
129133

solid/lib/Controller/ContactsController.php

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ public function __construct(
5151

5252
private function getFileSystem($userId) {
5353
// Make sure the root folder has an acl file, as is required by the spec;
54-
// Generate a default file granting the owner full access.
54+
// Generate a default file granting the owner full access.
5555
$defaultAcl = $this->generateDefaultAcl($userId);
5656

5757
// Create the Nextcloud Contacts Adapter
@@ -62,7 +62,11 @@ private function getFileSystem($userId) {
6262
// Create Formats objects
6363
$formats = new \Pdsinterop\Rdf\Formats();
6464

65-
$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
65+
$serverParams = $this->rawRequest->getServerParams();
66+
$scheme = $serverParams['REQUEST_SCHEME'];
67+
$domain = $serverParams['SERVER_NAME'];
68+
$path = $serverParams['REQUEST_URI'];
69+
$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
6670

6771
// Create the RDF Adapter
6872
$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -123,8 +127,8 @@ private function getContactsUrl($userId) {
123127
* @NoCSRFRequired
124128
*/
125129
public function handleRequest($userId, $path) {
126-
$this->contactsUserId = $userId;
127-
130+
$this->contactsUserId = $userId;
131+
128132
$this->rawRequest = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
129133
$this->response = new \Laminas\Diactoros\Response();
130134

solid/lib/Controller/ProfileController.php

Lines changed: 8 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ public function __construct(
5454

5555
private function getFileSystem($userId) {
5656
// Make sure the root folder has an acl file, as is required by the spec;
57-
// Generate a default file granting the owner full access.
57+
// Generate a default file granting the owner full access.
5858
$defaultAcl = $this->generateDefaultAcl($userId);
5959
$profile = $this->generateTurtleProfile($userId);
6060

@@ -65,7 +65,11 @@ private function getFileSystem($userId) {
6565
// Create Formats objects
6666
$formats = new \Pdsinterop\Rdf\Formats();
6767

68-
$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
68+
$serverParams = $this->rawRequest->getServerParams();
69+
$scheme = $serverParams['REQUEST_SCHEME'];
70+
$domain = $serverParams['SERVER_NAME'];
71+
$path = $serverParams['REQUEST_URI'];
72+
$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
6973

7074
// Create the RDF Adapter
7175
$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -139,8 +143,8 @@ private function getStorageUrl($userId) {
139143
* @NoCSRFRequired
140144
*/
141145
public function handleRequest($userId, $path) {
142-
$this->userId = $userId;
143-
146+
$this->userId = $userId;
147+
144148
$this->rawRequest = \Laminas\Diactoros\ServerRequestFactory::fromGlobals($_SERVER, $_GET, $_POST, $_COOKIE, $_FILES);
145149
$this->response = new \Laminas\Diactoros\Response();
146150

solid/lib/Controller/StorageController.php

Lines changed: 18 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,11 @@ private function getFileSystem() {
6363
// Create Formats objects
6464
$formats = new \Pdsinterop\Rdf\Formats();
6565

66-
$serverUri = "https://" . $this->rawRequest->getServerParams()["SERVER_NAME"] . $this->rawRequest->getServerParams()["REQUEST_URI"]; // FIXME: doublecheck that this is the correct url;
66+
$serverParams = $this->rawRequest->getServerParams();
67+
$scheme = $serverParams['REQUEST_SCHEME'];
68+
$domain = $serverParams['SERVER_NAME'];
69+
$path = $serverParams['REQUEST_URI'];
70+
$serverUri = "{$scheme}://{$domain}{$path}"; // FIXME: doublecheck that this is the correct url;
6771

6872
// Create the RDF Adapter
6973
$rdfAdapter = new \Pdsinterop\Rdf\Flysystem\Adapter\Rdf(
@@ -431,19 +435,19 @@ private function respond($response) {
431435
// $result->addHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
432436
// $result->addHeader('Access-Control-Allow-Origin', $origin);
433437

434-
$policy = new EmptyContentSecurityPolicy();
435-
$policy->addAllowedStyleDomain("*");
436-
$policy->addAllowedStyleDomain("data:");
437-
$policy->addAllowedScriptDomain("*");
438-
$policy->addAllowedImageDomain("*");
439-
$policy->addAllowedFontDomain("*");
440-
$policy->addAllowedConnectDomain("*");
441-
$policy->allowInlineStyle(true);
442-
// $policy->allowInlineScript(true); - removed, this function no longer exists in NC28
443-
$policy->allowEvalScript(true);
444-
$result->setContentSecurityPolicy($policy);
445-
446-
$result->setStatus($statusCode);
438+
$policy = new EmptyContentSecurityPolicy();
439+
$policy->addAllowedStyleDomain("*");
440+
$policy->addAllowedStyleDomain("data:");
441+
$policy->addAllowedScriptDomain("*");
442+
$policy->addAllowedImageDomain("*");
443+
$policy->addAllowedFontDomain("*");
444+
$policy->addAllowedConnectDomain("*");
445+
$policy->allowInlineStyle(true);
446+
// $policy->allowInlineScript(true); - removed, this function no longer exists in NC28
447+
$policy->allowEvalScript(true);
448+
$result->setContentSecurityPolicy($policy);
449+
450+
$result->setStatus($statusCode);
447451
return $result;
448452
}
449453
}

0 commit comments

Comments
 (0)