From 3855d78b2cf5c369f851e289297dd937bbaff3d6 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg
Date: Sat, 9 Mar 2019 16:14:54 +0100
Subject: [PATCH 1/2] Make check for empty trusted proxies more strict
Signed-off-by: Daniel Kesselberg
---
 settings/Controller/CheckSetupController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/settings/Controller/CheckSetupController.php b/settings/Controller/CheckSetupController.php
index b23c48f446..372a0a35e8 100644
--- a/settings/Controller/CheckSetupController.php
+++ b/settings/Controller/CheckSetupController.php
@@ -289,7 +289,7 @@ class CheckSetupController extends Controller {
 $trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
 $remoteAddress = $this->request->getHeader('REMOTE_ADDR');
- if (empty($trustedProxies) && $this->request->getHeader('X-Forwarded-Host')) {
+ if ($trustedProxies === [] && $this->request->getHeader('X-Forwarded-Host') !== '') {
 return false;
 }
From ff629ad158a6e2b1ae0202733e31f1ae14723d96 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg
Date: Wed, 20 Mar 2019 19:59:32 +0100
Subject: [PATCH 2/2] Trigger warning if empty array or false and X-Forwarded-Host is present
Signed-off-by: Daniel Kesselberg
---
 settings/Controller/CheckSetupController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/settings/Controller/CheckSetupController.php b/settings/Controller/CheckSetupController.php
index 372a0a35e8..9b4dc1c095 100644
--- a/settings/Controller/CheckSetupController.php
+++ b/settings/Controller/CheckSetupController.php
@@ -289,7 +289,7 @@ class CheckSetupController extends Controller {
 $trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
 $remoteAddress = $this->request->getHeader('REMOTE_ADDR');
- if ($trustedProxies === [] && $this->request->getHeader('X-Forwarded-Host') !== '') {
+ if (empty($trustedProxies) && $this->request->getHeader('X-Forwarded-Host') !== '') {
 return false;
 }
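Review bot: The new right-hand test `$this->request->getHeader('X-Forwarded-Host') !== ''` is only correct if getHeader() returns exactly an empty string for an absent header, and nothing in this hunk shows that contract. If it can return null or false, the comparison holds on every request and the early `return false` fires whenever no proxies are configured, even with no proxy in front of the server. I would pin this with a comment on the condition, for example `// getHeader() returns '' when the header is absent`, and a test for the no-header case, since the diffstat shows only the controller changing. The enclosing method starts and ends outside the hunk.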
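Review bot: `empty($trustedProxies)` still lets a non-empty value of the wrong type through, such as `trusted_proxies` written as a single string instead of an array, and that value then reaches whatever follows the early return, which lies outside this hunk. For a setup check it is probably safer to treat any non-array as not configured: `if ((!is_array($trustedProxies) || $trustedProxies === []) && $this->request->getHeader('X-Forwarded-Host') !== '') {`. Whichever form is kept, patch 1/2 tightened this operand and this patch loosens it again, so a comment such as `// trusted_proxies may be [] or false in the config; both mean "no proxies configured"` would stop a later cleanup from re-introducing the strict comparison.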