aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-11-03 14:07:00 -0700
committerzotlabs <mike@macgirvin.com>2017-11-03 14:07:00 -0700
commit1159dd59edc40b753b9f4fe55165b4ee3c22285d (patch)
treec396300847e0c849acd4426bac5949099944474f
parente70bd0054c4ffb8aadeec8ee7c14dccdb34ab934 (diff)
downloadvolse-hubzilla-1159dd59edc40b753b9f4fe55165b4ee3c22285d.tar.gz
volse-hubzilla-1159dd59edc40b753b9f4fe55165b4ee3c22285d.tar.bz2
volse-hubzilla-1159dd59edc40b753b9f4fe55165b4ee3c22285d.zip
fix cloud redirects with owt tokens
-rw-r--r--Zotlabs/Module/Cloud.php19
-rw-r--r--include/zid.php25
2 files changed, 39 insertions, 5 deletions
diff --git a/Zotlabs/Module/Cloud.php b/Zotlabs/Module/Cloud.php
index 75191a279..d2264092b 100644
--- a/Zotlabs/Module/Cloud.php
+++ b/Zotlabs/Module/Cloud.php
@@ -57,12 +57,21 @@ class Cloud extends \Zotlabs\Web\Controller {
$auth->observer = $ob_hash;
}
+ // if we arrived at this path with any query parameters in the url, build a clean url without
+ // them and redirect.
+ // @fixme if the filename has an ampersand in it AND there are query parameters,
+ // this may not do the right thing.
+
+ if((strpos($_SERVER['QUERY_STRING'],'?') !== false) || (strpos($_SERVER['QUERY_STRING'],'&') !== false && strpos($_SERVER['QUERY_STRING'],'&amp;') === false)) {
+ $path = z_root();
+ if(argc()) {
+ foreach(\App::$argv as $a) {
+ $path .= '/' . $a;
+ }
+ }
+ goaway($path);
+ }
- $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
- $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
-
- $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
- $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
$rootDirectory = new \Zotlabs\Storage\Directory('/', $auth);
diff --git a/include/zid.php b/include/zid.php
index ce9f70385..5ade6b0f8 100644
--- a/include/zid.php
+++ b/include/zid.php
@@ -89,10 +89,35 @@ function strip_zids($s) {
return preg_replace('/[\?&]zid=(.*?)(&|$)/ism','$2',$s);
}
+function strip_owt($s) {
+ return preg_replace('/[\?&]owt=(.*?)(&|$)/ism','$2',$s);
+}
+
function strip_zats($s) {
return preg_replace('/[\?&]zat=(.*?)(&|$)/ism','$2',$s);
}
+function strip_auth_query_params() {
+
+ $_SERVER['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['QUERY_STRING']);
+ $_SERVER['QUERY_STRING'] = strip_zids($_SERVER['QUERY_STRING']);
+ $_SERVER['QUERY_STRING'] = strip_owt($_SERVER['QUERY_STRING']);
+
+ $_SERVER['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_SERVER['REQUEST_URI']);
+ $_SERVER['REQUEST_URI'] = strip_zids($_SERVER['REQUEST_URI']);
+ $_SERVER['REQUEST_URI'] = strip_owt($_SERVER['REQUEST_URI']);
+
+
+ $_ENV['QUERY_STRING'] = str_replace(array('?f=', '&f='), array('', ''), $_ENV['QUERY_STRING']);
+ $_ENV['QUERY_STRING'] = strip_zids($_ENV['QUERY_STRING']);
+ $_ENV['QUERY_STRING'] = strip_owt($_ENV['QUERY_STRING']);
+
+ $_ENV['REQUEST_URI'] = str_replace(array('?f=', '&f='), array('', ''), $_ENV['REQUEST_URI']);
+ $_ENV['REQUEST_URI'] = strip_zids($_ENV['REQUEST_URI']);
+ $_ENV['REQUEST_URI'] = strip_owt($_ENV['REQUEST_URI']);
+
+}
+
/**
* zidify_callback() and zidify_links() work together to turn any HTML a tags with class="zrl" into zid links