Skip to content

Commit a2fc75e

Browse files
nickvergessennickvergessen
authored
Merge pull request #6424 from nextcloud/bugfix/6420/use-public-api
Use public API of trusted domain helper
2 parents 3b3fc8b + b2b170b commit a2fc75e

4 files changed

Lines changed: 12 additions & 20 deletions

File tree

composer.lock

Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/Controller/ChatController.php

Lines changed: 5 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,6 @@
2424

2525
namespace OCA\Talk\Controller;
2626

27-
use OC\Security\TrustedDomainHelper;
2827
use OCA\Talk\Chat\AutoComplete\SearchPlugin;
2928
use OCA\Talk\Chat\AutoComplete\Sorter;
3029
use OCA\Talk\Chat\ChatManager;
@@ -53,6 +52,7 @@
5352
use OCP\IUserManager;
5453
use OCP\RichObjectStrings\InvalidObjectExeption;
5554
use OCP\RichObjectStrings\IValidator;
55+
use OCP\Security\ITrustedDomainHelper;
5656
use OCP\User\Events\UserLiveStatusEvent;
5757
use OCP\UserStatus\IManager as IUserStatusManager;
5858
use OCP\UserStatus\IUserStatus;
@@ -110,7 +110,7 @@ class ChatController extends AEnvironmentAwareController {
110110
/** @var IValidator */
111111
protected $richObjectValidator;
112112

113-
/** @var TrustedDomainHelper */
113+
/** @var ITrustedDomainHelper */
114114
protected $trustedDomainHelper;
115115

116116
/** @var IL10N */
@@ -134,7 +134,7 @@ public function __construct(string $appName,
134134
ITimeFactory $timeFactory,
135135
IEventDispatcher $eventDispatcher,
136136
IValidator $richObjectValidator,
137-
TrustedDomainHelper $trustedDomainHelper,
137+
ITrustedDomainHelper $trustedDomainHelper,
138138
IL10N $l) {
139139
parent::__construct($appName, $request);
140140

@@ -291,14 +291,8 @@ public function shareObjectToChat(string $objectType, string $objectId, string $
291291
$data['type'] = $objectType;
292292
$data['id'] = $objectId;
293293

294-
if (isset($data['link'])) {
295-
$parsedUrl = parse_url($data['link']);
296-
$domain = $parsedUrl['host'] ?? '';
297-
$domain .= isset($parsedUrl['port']) && $parsedUrl['port'] ? (':' . $parsedUrl['port']) : '';
298-
299-
if (!$this->trustedDomainHelper->isTrustedDomain($domain)) {
300-
return new DataResponse([], Http::STATUS_BAD_REQUEST);
301-
}
294+
if (isset($data['link']) && !$this->trustedDomainHelper->isTrustedUrl($data['link'])) {
295+
return new DataResponse([], Http::STATUS_BAD_REQUEST);
302296
}
303297

304298
try {

psalm.xml

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,6 @@
2525
<referencedClass name="Doctrine\DBAL\Types\Types" />
2626
<referencedClass name="GuzzleHttp\Exception\ClientException" />
2727
<referencedClass name="OC" />
28-
<referencedClass name="OC\Security\TrustedDomainHelper" />
2928
<referencedClass name="OCA\Circles\Api\v1\Circles" />
3029
<referencedClass name="OCA\Circles\Events\AddingCircleMemberEvent" />
3130
<referencedClass name="OCA\Circles\Events\CircleDestroyedEvent" />
@@ -47,7 +46,6 @@
4746
<referencedClass name="Doctrine\DBAL\Schema\SchemaException" />
4847
<referencedClass name="Doctrine\DBAL\Schema\Table" />
4948
<referencedClass name="OC\DB\ConnectionAdapter" />
50-
<referencedClass name="OC\Security\TrustedDomainHelper" />
5149
<referencedClass name="OCA\Circles\Model\Member" />
5250
<referencedClass name="OCA\DAV\CardDAV\PhotoCache" />
5351
<referencedClass name="OCA\FederatedFileSharing\AddressHandler" />

tests/php/Controller/ChatControllerTest.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,6 @@
2323

2424
namespace OCA\Talk\Tests\php\Controller;
2525

26-
use OC\Security\TrustedDomainHelper;
2726
use OCA\Talk\Chat\AutoComplete\SearchPlugin;
2827
use OCA\Talk\Chat\ChatManager;
2928
use OCA\Talk\Chat\MessageParser;
@@ -49,6 +48,7 @@
4948
use OCP\IUser;
5049
use OCP\IUserManager;
5150
use OCP\RichObjectStrings\IValidator;
51+
use OCP\Security\ITrustedDomainHelper;
5252
use OCP\UserStatus\IManager as IUserStatusManager;
5353
use PHPUnit\Framework\Constraint\Callback;
5454
use PHPUnit\Framework\MockObject\MockObject;
@@ -88,7 +88,7 @@ class ChatControllerTest extends TestCase {
8888
protected $timeFactory;
8989
/** @var IValidator|MockObject */
9090
protected $richObjectValidator;
91-
/** @var TrustedDomainHelper|MockObject */
91+
/** @var ITrustedDomainHelper|MockObject */
9292
protected $trustedDomainHelper;
9393
/** @var IL10N|MockObject */
9494
private $l;
@@ -121,7 +121,7 @@ public function setUp(): void {
121121
$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
122122
$this->timeFactory = $this->createMock(ITimeFactory::class);
123123
$this->richObjectValidator = $this->createMock(IValidator::class);
124-
$this->trustedDomainHelper = $this->createMock(TrustedDomainHelper::class);
124+
$this->trustedDomainHelper = $this->createMock(ITrustedDomainHelper::class);
125125
$this->l = $this->createMock(IL10N::class);
126126

127127
$this->room = $this->createMock(Room::class);

0 commit comments

Comments
 (0)