-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Default HTTPS for fed sharing & config option for allowing fallback #30198
Conversation
lib/private/Share/Share.php
Outdated
@@ -2666,6 +2666,7 @@ public static function removeProtocolFromUrl($url) { | |||
* @return array | |||
*/ | |||
private static function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields) { | |||
$allowHttpFallback = \OC::$server->getConfig()->getSystemValue('sharing.federation.allowHttpFallback', 'no') === 'yes'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In config.sample.php
above you have as values true/false
but here you use yes/no
.
Suggesting to use true/false
homogeniously.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @mmattel for the spot. I was originally using appconfig but concluded on config.php so we can use booleans here. Updated the PR to reflect this.
aaa3f16
to
0f63f03
Compare
Codecov Report
@@ Coverage Diff @@
## master #30198 +/- ##
============================================
+ Coverage 61.84% 61.84% +<.01%
- Complexity 19064 19065 +1
============================================
Files 1091 1091
Lines 61480 61486 +6
============================================
+ Hits 38020 38026 +6
Misses 23460 23460
Continue to review full report at Codecov.
|
Triple CI failure due to bad luck. Please rebase and solve conflict and be more lucky |
3171550
to
cf14b4f
Compare
rebased, squashed and resolved conflict - let's wait for CI |
|
cf14b4f
to
0ee7517
Compare
Fixed the failing tests - runs fine locally. |
hmm there are still failures:
|
Running all tests locally with PHP 7.1 and sqlite does not produce this error. I even shut down my local web server in case it was trying to connect there... Mystery... Let's rebase this anyway as we have library updates on master |
@ownclouders rebase |
Hey! I'm GitMate.io! This pull request is being rebased automatically. Please DO NOT push while rebase is in progress or your changes would be lost permanently |
…lowing fallback to http
Automated rebase with GitMate.io was successful! 🎉 |
0ee7517
to
54b4c02
Compare
tests still pass locally... |
@tomneedham please backport |
Backport stable10 #30646 |
Not working, raised here #31194 |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Description
Only uses HTTPS for federated share communication - unless admins explicitly allow HTTP (useful for testing as well)
Related Issue
Potential for users to setup shares via HTTP with unsecure servers without the admin knowing.
Motivation and Context
MITM
How Has This Been Tested?
not yet
Screenshots (if appropriate):
Types of changes
Checklist: