Don't emit Content-Security-Policy when returning a response during preflight setup checks

Summary: Ref T4340. See <https://discourse.phabricator-community.org/t/core-exception-during-installation/1193/8>. If we return a response very early during setup, we may not be able to read from the environment yet. Just decline to build a "Content-Security-Policy" header in these cases. Test Plan: - Faked a preflight error (e.g., safe_mode enabled), restarted apache. - Before patch: environment error while generating CSP. - After patch: no error. - Loaded a normal page, observed an normal CSP header. Maniphest Tasks: T4340 Differential Revision: https://secure.phabricator.com/D19172
2024-11-09 16:32:39 +01:00 · 2018-03-05 06:49:30 -08:00 · 2018-03-05 06:49:30 -08:00 · f31975f7a3
commit f31975f7a3
parent 5844952153
1 changed files with 13 additions and 2 deletions
--- a/src/aphront/response/AphrontResponse.php
+++ b/src/aphront/response/AphrontResponse.php
@ -103,9 +103,20 @@ abstract class AphrontResponse extends Phobject {
      return null;
    }

-    $csp = array();
+    // NOTE: We may return a response during preflight checks (for example,
+    // if a user has a bad version of PHP).

-    $cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
+    // In this case, setup isn't complete yet and we can't access environmental
+    // configuration. If we aren't able to read the environment, just decline
+    // to emit a Content-Security-Policy header.
+
+    try {
+      $cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
+    } catch (Exception $ex) {
+      return null;
+    }
+
+    $csp = array();
    if ($cdn) {
      $default = $this->newContentSecurityPolicySource($cdn);
    } else {