revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
Code Issues Releases Wiki Activity

Add Allowed uris config

Browse source 
Summary:
Kind of a quick look at an idea for T2184

Ref T2184

Test Plan: Make sure the site still loads

Reviewers: epriestley

CC: aran, Korvin, mbishopim3

Maniphest Tasks: T2184

Differential Revision: https://secure.phabricator.com/D6045
This commit is contained in:
Gareth Evans 2013-05-26 10:57:29 -07:00 committed by epriestley
parent 9cf26e5e3b
commit ef797494ca
4 changed files with 39 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/aphront/configuration/AphrontApplicationConfiguration.php
View file

@ -120,6 +120,7 @@ abstract class AphrontApplicationConfiguration {
$file_uri = PhabricatorEnv::getEnvConfig( $file_uri = PhabricatorEnv::getEnvConfig(
'security.alternate-file-domain'); 'security.alternate-file-domain');
$conduit_uris = PhabricatorEnv::getEnvConfig('conduit.servers'); $conduit_uris = PhabricatorEnv::getEnvConfig('conduit.servers');
$allowed_uris = PhabricatorEnv::getEnvConfig('phabricator.allowed-uris');
$uris = array_merge( $uris = array_merge(
array( array(
@ -127,7 +128,8 @@ abstract class AphrontApplicationConfiguration {
$prod_uri, $prod_uri,
$file_uri, $file_uri,
), ),
$conduit_uris); $conduit_uris,
$allowed_uris);
$host_match = false; $host_match = false;
foreach ($uris as $uri) { foreach ($uris as $uri) {

13
src/applications/config/option/PhabricatorCoreConfigOptions.php
View file

@ -37,6 +37,19 @@ final class PhabricatorCoreConfigOptions
"{{phabricator.base-uri}}. Most installs do not need to set ". "{{phabricator.base-uri}}. Most installs do not need to set ".
"this option.")) "this option."))
->addExample('http://phabricator.example.com/', pht('Valid Setting')), ->addExample('http://phabricator.example.com/', pht('Valid Setting')),
$this->newOption('phabricator.allowed-uris', 'list<string>', array())
->setLocked(true)
->setSummary(pht("Alternative URIs that can access Phabricator."))
->setDescription(
pht(
"These alternative URIs will be able to access 'normal' pages ".
"on your Phabricator install. Other features such as OAuth ".
"won't work. The major use case for this is moving installs ".
"across domains."))
->addExample(
'["http://phabricator2.example.com/", '.
'"http://phabricator3.example.com/]"',
pht('Valid Setting')),
$this->newOption('phabricator.timezone', 'string', null) $this->newOption('phabricator.timezone', 'string', null)
->setSummary( ->setSummary(
pht("The timezone Phabricator should use.")) pht("The timezone Phabricator should use."))

8
src/applications/differential/field/specification/DifferentialRevisionIDFieldSpecification.php
View file

@ -71,6 +71,14 @@ final class DifferentialRevisionIDFieldSpecification
if ($uri == PhabricatorEnv::getProductionURI('/D'.$id)) { if ($uri == PhabricatorEnv::getProductionURI('/D'.$id)) {
return $id; return $id;
} }
$allowed_uris = PhabricatorEnv::getAllowedURIs('/D'.$id);
foreach ($allowed_uris as $allowed_uri) {
if ($uri == $allowed_uri) {
return $id;
}
}
} }
return null; return null;

15
src/infrastructure/env/PhabricatorEnv.php vendored
View file

@ -278,6 +278,21 @@ final class PhabricatorEnv {
return rtrim($production_domain, '/').$path; return rtrim($production_domain, '/').$path;
} }
public static function getAllowedURIs($path) {
$uri = new PhutilURI($path);
if ($uri->getDomain()) {
return $path;
}
$allowed_uris = self::getEnvConfig('phabricator.allowed-uris');
$return = array();
foreach ($allowed_uris as $allowed_uri) {
$return[] = rtrim($allowed_uri, '/').$path;
}
return $return;
}
/** /**
* Get the fully-qualified production URI for a static resource path. * Get the fully-qualified production URI for a static resource path.