mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 05:50:55 +01:00
Add "Core" config, with complex validation
Summary: This is more or less a copy of the validation which lives in `webroot/index.php` right now, but I don't want to wipe that out just yet because there's no way for normal users to see this new validation. Test Plan: Tried to set "phabricator.base-uri" to crazy nonsense, was harshly rebuffed. Reviewers: codeblock, btrahan Reviewed By: codeblock CC: aran Maniphest Tasks: T2255 Differential Revision: https://secure.phabricator.com/D4316
This commit is contained in:
parent
a86fd38394
commit
ec7d799b2f
2 changed files with 88 additions and 0 deletions
|
@ -708,6 +708,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorContentSource' => 'applications/metamta/contentsource/PhabricatorContentSource.php',
|
||||
'PhabricatorContentSourceView' => 'applications/metamta/contentsource/PhabricatorContentSourceView.php',
|
||||
'PhabricatorController' => 'applications/base/controller/PhabricatorController.php',
|
||||
'PhabricatorCoreConfigOptions' => 'applications/config/option/PhabricatorCoreConfigOptions.php',
|
||||
'PhabricatorCountdownController' => 'applications/countdown/controller/PhabricatorCountdownController.php',
|
||||
'PhabricatorCountdownDAO' => 'applications/countdown/storage/PhabricatorCountdownDAO.php',
|
||||
'PhabricatorCountdownDeleteController' => 'applications/countdown/controller/PhabricatorCountdownDeleteController.php',
|
||||
|
@ -2051,6 +2052,7 @@ phutil_register_library_map(array(
|
|||
'PhabricatorConfigValidationException' => 'Exception',
|
||||
'PhabricatorContentSourceView' => 'AphrontView',
|
||||
'PhabricatorController' => 'AphrontController',
|
||||
'PhabricatorCoreConfigOptions' => 'PhabricatorApplicationConfigOptions',
|
||||
'PhabricatorCountdownController' => 'PhabricatorController',
|
||||
'PhabricatorCountdownDAO' => 'PhabricatorLiskDAO',
|
||||
'PhabricatorCountdownDeleteController' => 'PhabricatorCountdownController',
|
||||
|
|
|
@ -0,0 +1,86 @@
|
|||
<?php
|
||||
|
||||
final class PhabricatorCoreConfigOptions
|
||||
extends PhabricatorApplicationConfigOptions {
|
||||
|
||||
public function getName() {
|
||||
return pht("Core");
|
||||
}
|
||||
|
||||
public function getDescription() {
|
||||
return pht("Configure core options, including URIs.");
|
||||
}
|
||||
|
||||
public function getOptions() {
|
||||
return array(
|
||||
$this->newOption('phabricator.base-uri', 'string', null)
|
||||
->setSummary(pht("URI where Phabricator is installed."))
|
||||
->setDescription(
|
||||
pht(
|
||||
"Set the URI where Phabricator is installed. Setting this ".
|
||||
"improves security by preventing cookies from being set on other ".
|
||||
"domains, and allows daemons to send emails with links that have ".
|
||||
"the correct domain."))
|
||||
->addExample('http://phabricator.example.com/', 'Valid Setting'),
|
||||
$this->newOption('phabricator.production-uri', 'string', null)
|
||||
->setSummary(
|
||||
pht("Primary install URI, for multi-environment installs."))
|
||||
->setDescription(
|
||||
pht(
|
||||
"If you have multiple Phabricator environments (like a ".
|
||||
"development/staging environment for working on testing ".
|
||||
"Phabricator, and a production environment for deploying it), ".
|
||||
"set the production environment URI here so that emails and other ".
|
||||
"durable URIs will always generate with links pointing at the ".
|
||||
"production environment. If unset, defaults to ".
|
||||
"{{phabricator.base-uri}}. Most installs do not need to set ".
|
||||
"this option."))
|
||||
->addExample('http://phabricator.example.com/', 'Valid Setting')
|
||||
);
|
||||
}
|
||||
|
||||
protected function didValidateOption(
|
||||
PhabricatorConfigOption $option,
|
||||
$value) {
|
||||
|
||||
$key = $option->getKey();
|
||||
if ($key == 'phabricator.base-uri' ||
|
||||
$key == 'phabricator.production-uri') {
|
||||
|
||||
$uri = new PhutilURI($value);
|
||||
$protocol = $uri->getProtocol();
|
||||
if ($protocol !== 'http' && $protocol !== 'https') {
|
||||
throw new PhabricatorConfigValidationException(
|
||||
pht(
|
||||
"Config option '%s' is invalid. The URI must start with ".
|
||||
"'http://' or 'https://'.",
|
||||
$key));
|
||||
}
|
||||
|
||||
$domain = $uri->getDomain();
|
||||
if (strpos($domain, '.') === false) {
|
||||
throw new PhabricatorConfigValidationException(
|
||||
pht(
|
||||
"Config option '%s' is invalid. The URI must contain a dot ('.'), ".
|
||||
"like 'http://example.com/', not just a bare name like ".
|
||||
"'http://example/'. Some web browsers will not set cookies on ".
|
||||
"domains with no TLD.",
|
||||
$key));
|
||||
}
|
||||
|
||||
$path = $uri->getPath();
|
||||
if ($path !== '' && $path !== '/') {
|
||||
throw new PhabricatorConfigValidationException(
|
||||
pht(
|
||||
"Config option '%s' is invalid. The URI must NOT have a path, ".
|
||||
"e.g. 'http://phabricator.example.com/' is OK, but ".
|
||||
"'http://example.com/phabricator/' is not. Phabricator must be ".
|
||||
"installed on an entire domain; it can not be installed on a ".
|
||||
"path.",
|
||||
$key));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
Loading…
Reference in a new issue