diff options
| author | zotlabs <mike@macgirvin.com> | 2017-11-03 14:07:00 -0700 |
|---|---|---|
| committer | zotlabs <mike@macgirvin.com> | 2017-11-03 14:07:00 -0700 |
| commit | 1159dd59edc40b753b9f4fe55165b4ee3c22285d (patch) | |
| tree | c396300847e0c849acd4426bac5949099944474f | |
| parent | e70bd0054c4ffb8aadeec8ee7c14dccdb34ab934 (diff) | |
| download | volse-hubzilla-1159dd59edc40b753b9f4fe55165b4ee3c22285d.tar.gz volse-hubzilla-1159dd59edc40b753b9f4fe55165b4ee3c22285d.tar.bz2 volse-hubzilla-1159dd59edc40b753b9f4fe55165b4ee3c22285d.zip | |
fix cloud redirects with owt tokens
| -rw-r--r-- | Zotlabs/Module/Cloud.php | 19 | ||||
| -rw-r--r-- | include/zid.php | 25 |
2 files changed, 39 insertions, 5 deletions
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php index 75191a279..d2264092b 100644 --- a/Zotlabs/Module/Cloud.php +++ b/Zotlabs/Module/Cloud.php @@ -57,12 +57,21 @@ class Cloud extends \Zotlabs\Web\Controller { $auth->observer = $ob_hash; } + // if we arrived at this path with any query parameters in the url, build a clean url without + // them and redirect. + // @fixme if the filename has an ampersand in it AND there are query parameters, + // this may not do the right thing. + + if((strpos($_SERVER['QUERY_STRING'],'?') !== false) || (strpos($_SERVER['QUERY_STRING'],'&') !== false && strpos($_SERVER['QUERY_STRING'],'&') === false)) { + $path = z_root(); + if(argc()) { + foreach(\App::$argv as $a) { + $path .= '/' . $a; + } + } + goaway($path); + } - $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); - $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); - - $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); - $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); $rootDirectory = new \Zotlabs\Storage\Directory('/', $auth); diff --git a/include/zid.php b/include/zid.php index ce9f70385..5ade6b0f8 100644 --- a/include/zid.php +++ b/include/zid.php @@ -89,10 +89,35 @@ function strip_zids($s) { return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s); } +function strip_owt($s) { + return preg_replace('/[\?&]owt=(.*?)(&|$)/ism','$2',$s); +} + function strip_zats($s) { return preg_replace('/[\?&]zat=(.*?)(&|$)/ism','$2',$s); } +function strip_auth_query_params() { + + $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']); + $_SERVER['QUERY_STRING'] = strip_owt($_SERVER['QUERY_STRING']); + + $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']); + $_SERVER['REQUEST_URI'] = strip_owt($_SERVER['REQUEST_URI']); + + + $_ENV['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_ENV['QUERY_STRING']); + $_ENV['QUERY_STRING'] = strip_zids($_ENV['QUERY_STRING']); + $_ENV['QUERY_STRING'] = strip_owt($_ENV['QUERY_STRING']); + + $_ENV['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_ENV['REQUEST_URI']); + $_ENV['REQUEST_URI'] = strip_zids($_ENV['REQUEST_URI']); + $_ENV['REQUEST_URI'] = strip_owt($_ENV['REQUEST_URI']); + +} + /** * zidify_callback() and zidify_links() work together to turn any HTML a tags with class="zrl" into zid links |