mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-22 13:30:55 +01:00
Make auth.email-domains case-insensitive
Summary: Fixes T5143. Currently, if your allowed domain is "example.com", we reject signups from "@Example.com". Instead, lowercase both parts before performing the check. Test Plan: - Before patch: - Set allowed domains to "yghe.net". - Tried "x@yghe.net", no error. - Tried "x@xxxy.net", error. - Tried "x@yghE.net", incorrectly results in an error. - After patch: - Set allowed domains to "yghe.net". - Tried "x@yghe.net", no error. - Tried "x@xxxy.net", error. - Tried "x@yghE.net", this correctly no longer produces an error. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T5143 Differential Revision: https://secure.phabricator.com/D9261
This commit is contained in:
parent
c88385fa22
commit
a76f61f7e1
1 changed files with 9 additions and 1 deletions
|
@ -89,7 +89,15 @@ final class PhabricatorUserEmail extends PhabricatorUserDAO {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
return in_array($domain, $allowed_domains);
|
$lower_domain = phutil_utf8_strtolower($domain);
|
||||||
|
foreach ($allowed_domains as $allowed_domain) {
|
||||||
|
$lower_allowed = phutil_utf8_strtolower($allowed_domain);
|
||||||
|
if ($lower_allowed === $lower_domain) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue