1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 10:12:41 +01:00

Fix excessively severe CSP URI error during first-time setup

Summary:
See D19394. Currently, during first-time setup before you configure "phabricator.base-uri", we may attempt to generate a setup page, try to generate a CSP header for it, and fail to access the environmental config. This causes a too-severe error page ("configure phabricator.base-uri") instead of preflight guidance (like "can't connect to MySQL").

Instead, treat this more like "security.alternate-file-domain" and just bail on CSP if we can't fetch it.

Test Plan: On a fresh (non-explodey laptop) install with critical setup errors (no MySQL installed yet), loaded Phabricator. Before: error about phabricator.base-uri. After: more helpful guidance about installing/configuring MySQL.

Reviewers: amckinley, avivey

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D19396
This commit is contained in:
epriestley 2018-04-21 09:08:13 -07:00
parent 33da9f833f
commit 7622f6afcc

View file

@ -113,6 +113,7 @@ abstract class AphrontResponse extends Phobject {
try { try {
$cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain'); $cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
$base_uri = PhabricatorEnv::getURI('/');
} catch (Exception $ex) { } catch (Exception $ex) {
return null; return null;
} }
@ -124,8 +125,6 @@ abstract class AphrontResponse extends Phobject {
// If an alternate file domain is not configured and the user is viewing // If an alternate file domain is not configured and the user is viewing
// a Phame blog on a custom domain or some other custom site, we'll still // a Phame blog on a custom domain or some other custom site, we'll still
// serve resources from the main site. Include the main site explicitly. // serve resources from the main site. Include the main site explicitly.
$base_uri = PhabricatorEnv::getURI('/');
$base_uri = $this->newContentSecurityPolicySource($base_uri); $base_uri = $this->newContentSecurityPolicySource($base_uri);
$default = "'self' {$base_uri}"; $default = "'self' {$base_uri}";