Add Allowed uris config

Summary: Kind of a quick look at an idea for T2184 Ref T2184 Test Plan: Make sure the site still loads Reviewers: epriestley CC: aran, Korvin, mbishopim3 Maniphest Tasks: T2184 Differential Revision: https://secure.phabricator.com/D6045
2024-09-20 09:18:48 +02:00 · 2013-05-26 10:57:29 -07:00 · 2013-05-26 10:57:29 -07:00 · ef797494ca
commit ef797494ca
parent 9cf26e5e3b
4 changed files with 39 additions and 1 deletions
--- a/src/aphront/configuration/AphrontApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontApplicationConfiguration.php
@ -120,6 +120,7 @@ abstract class AphrontApplicationConfiguration {
    $file_uri     = PhabricatorEnv::getEnvConfig(
      'security.alternate-file-domain');
    $conduit_uris = PhabricatorEnv::getEnvConfig('conduit.servers');
+    $allowed_uris = PhabricatorEnv::getEnvConfig('phabricator.allowed-uris');

    $uris = array_merge(
      array(
@ -127,7 +128,8 @@ abstract class AphrontApplicationConfiguration {
        $prod_uri,
        $file_uri,
      ),
-      $conduit_uris);
+      $conduit_uris,
+      $allowed_uris);

    $host_match = false;
    foreach ($uris as $uri) {
--- a/src/applications/config/option/PhabricatorCoreConfigOptions.php
+++ b/src/applications/config/option/PhabricatorCoreConfigOptions.php
@ -37,6 +37,19 @@ final class PhabricatorCoreConfigOptions
            "{{phabricator.base-uri}}. Most installs do not need to set ".
            "this option."))
        ->addExample('http://phabricator.example.com/', pht('Valid Setting')),
+      $this->newOption('phabricator.allowed-uris', 'list<string>', array())
+        ->setLocked(true)
+        ->setSummary(pht("Alternative URIs that can access Phabricator."))
+        ->setDescription(
+          pht(
+            "These alternative URIs will be able to access 'normal' pages ".
+              "on your Phabricator install. Other features such as OAuth ".
+              "won't work. The major use case for this is moving installs ".
+              "across domains."))
+        ->addExample(
+          '["http://phabricator2.example.com/", '.
+            '"http://phabricator3.example.com/]"',
+          pht('Valid Setting')),
      $this->newOption('phabricator.timezone', 'string', null)
        ->setSummary(
          pht("The timezone Phabricator should use."))
--- a/src/applications/differential/field/specification/DifferentialRevisionIDFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialRevisionIDFieldSpecification.php
@ -71,6 +71,14 @@ final class DifferentialRevisionIDFieldSpecification
      if ($uri == PhabricatorEnv::getProductionURI('/D'.$id)) {
        return $id;
      }
+
+      $allowed_uris = PhabricatorEnv::getAllowedURIs('/D'.$id);
+
+      foreach ($allowed_uris as $allowed_uri) {
+        if ($uri == $allowed_uri) {
+          return $id;
+        }
+      }
    }

    return null;
--- a/src/infrastructure/env/PhabricatorEnv.php
+++ b/src/infrastructure/env/PhabricatorEnv.php
@ -278,6 +278,21 @@ final class PhabricatorEnv {
    return rtrim($production_domain, '/').$path;
  }

+  public static function getAllowedURIs($path) {
+    $uri = new PhutilURI($path);
+    if ($uri->getDomain()) {
+      return $path;
+    }
+
+    $allowed_uris = self::getEnvConfig('phabricator.allowed-uris');
+    $return = array();
+    foreach ($allowed_uris as $allowed_uri) {
+      $return[] = rtrim($allowed_uri, '/').$path;
+    }
+
+    return $return;
+  }
+

  /**
   * Get the fully-qualified production URI for a static resource path.