From 133d3405d02c5759f6d3c46ef4783e39141c17d0 Mon Sep 17 00:00:00 2001
From: bjoernv
Date: Wed, 22 Apr 2020 23:31:36 +0200
Subject: [PATCH] Fix for #141
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Authorization header for OC_User_BasicAuth is now set with locally stream context instead globally with stream_context_set_default function.
* HTTP Redirects in OC_User_BasicAuth are disabled now, so authorization header can not be forwared to foreign servers.
Closes #141
Signed-off-by: Björn Voigt
---
lib/basicauth.php | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/lib/basicauth.php b/lib/basicauth.php
index c6e55f1..5963972 100644
--- a/lib/basicauth.php
+++ b/lib/basicauth.php
@@ -28,12 +28,13 @@ class OC_User_BasicAuth extends \OCA\user_external\Base {
 * Connect without user/name password to make sure
 * URL is indeed authenticating or not...
 */
- stream_context_set_default(array(
- 'http'=>array(
- 'method'=>"GET",
+ $context = stream_context_create(array(
+ 'http' => array(
+ 'method' => "GET",
+ 'follow_location' => 0
 ))
 );
- $canary = get_headers($this->authUrl, 1);
+ $canary = get_headers($this->authUrl, 1, $context);
 if(!$canary) {
 OC::$server->getLogger()->error(
 'ERROR: Not possible to connect to BasicAuth Url: '.$this->authUrl,
@@ -49,13 +50,14 @@ class OC_User_BasicAuth extends \OCA\user_external\Base {
 return false;
 }
- stream_context_set_default(array(
- 'http'=>array(
- 'method'=>"GET",
- 'header' => "authorization: Basic " . base64_encode("$uid:$password")
+ $context = stream_context_create(array(
+ 'http' => array(
+ 'method' => "GET",
+ 'header' => "authorization: Basic " . base64_encode("$uid:$password"),
+ 'follow_location' => 0
 ))
 );
- $headers = get_headers($this->authUrl, 1);
+ $headers = get_headers($this->authUrl, 1, $context);
 if(!$headers) {
 OC::$server->getLogger()->error(
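Review bot: The new `'follow_location' => 0` in the canary context (first hunk) carries no comment saying why redirects are off, and the same is true of the authenticated request in the second hunk. This option is what keeps the Authorization header from being sent on to a redirect target, so a later cleanup could drop it without anyone noticing; I would put `// never follow redirects: credentials are only ever sent to authUrl itself, and the canary must probe that same URL` above it in both places. With redirects off, a 3xx answer from `authUrl` now reaches the code that evaluates `$canary`, which lies outside this hunk, so it is worth confirming that a redirecting URL produces a clear log entry rather than a silent login failure.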
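Review bot: In the second hunk, `base64_encode("$uid:$password")` builds the Basic credential without checking `$uid` for a colon, and RFC 7617 has the server split user-id from password at the first colon. A login name containing a colon would therefore be verified by the backend under a shorter user-id than the one this method was called with, so the two sides could disagree about which account was authenticated. Unless a check outside this hunk already excludes such names, reject them before the request, e.g. `if (strpos($uid, ':') !== false) { return false; }`. The evaluation of `$headers` also lies outside the hunk; with redirects disabled it should count only a 2xx status as success.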