mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-29 10:12:41 +01:00
Fix excessively severe CSP URI error during first-time setup
Summary: See D19394. Currently, during first-time setup before you configure "phabricator.base-uri", we may attempt to generate a setup page, try to generate a CSP header for it, and fail to access the environmental config. This causes a too-severe error page ("configure phabricator.base-uri") instead of preflight guidance (like "can't connect to MySQL"). Instead, treat this more like "security.alternate-file-domain" and just bail on CSP if we can't fetch it. Test Plan: On a fresh (non-explodey laptop) install with critical setup errors (no MySQL installed yet), loaded Phabricator. Before: error about phabricator.base-uri. After: more helpful guidance about installing/configuring MySQL. Reviewers: amckinley, avivey Reviewed By: amckinley Differential Revision: https://secure.phabricator.com/D19396
This commit is contained in:
parent
33da9f833f
commit
7622f6afcc
1 changed files with 1 additions and 2 deletions
|
@ -113,6 +113,7 @@ abstract class AphrontResponse extends Phobject {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
|
$cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
|
||||||
|
$base_uri = PhabricatorEnv::getURI('/');
|
||||||
} catch (Exception $ex) {
|
} catch (Exception $ex) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
@ -124,8 +125,6 @@ abstract class AphrontResponse extends Phobject {
|
||||||
// If an alternate file domain is not configured and the user is viewing
|
// If an alternate file domain is not configured and the user is viewing
|
||||||
// a Phame blog on a custom domain or some other custom site, we'll still
|
// a Phame blog on a custom domain or some other custom site, we'll still
|
||||||
// serve resources from the main site. Include the main site explicitly.
|
// serve resources from the main site. Include the main site explicitly.
|
||||||
|
|
||||||
$base_uri = PhabricatorEnv::getURI('/');
|
|
||||||
$base_uri = $this->newContentSecurityPolicySource($base_uri);
|
$base_uri = $this->newContentSecurityPolicySource($base_uri);
|
||||||
|
|
||||||
$default = "'self' {$base_uri}";
|
$default = "'self' {$base_uri}";
|
||||||
|
|
Loading…
Reference in a new issue