Valider ecdd6607 rédigé par mattab's avatar mattab

Renaming methods + refactoring

as suggested in code review
parent d7fae8fb
...@@ -176,7 +176,7 @@ class Url ...@@ -176,7 +176,7 @@ class Url
*/ */
public static function getCurrentScheme() public static function getCurrentScheme()
{ {
if (self::isPiwikServerAssumeSecureConnectionIsUsed()) { if (self::isPiwikConfiguredToAssumeSecureConnection()) {
return 'https'; return 'https';
} }
return self::getCurrentSchemeFromRequestHeader(); return self::getCurrentSchemeFromRequestHeader();
...@@ -677,10 +677,25 @@ class Url ...@@ -677,10 +677,25 @@ class Url
return array('localhost', '127.0.0.1', '::1', '[::1]'); return array('localhost', '127.0.0.1', '::1', '[::1]');
} }
/**
* @return bool
*/
public static function isSecureConnectionAssumedByPiwikButNotForcedYet()
{
$isSecureConnectionLikelyNotUsed = Url::isSecureConnectionLikelyNotUsed();
$hasSessionCookieSecureFlag = ProxyHttp::isHttps();
$isSecureConnectionAssumedByPiwikButNotForcedYet = Url::isPiwikConfiguredToAssumeSecureConnection() && !SettingsPiwik::isHttpsForced();
return $isSecureConnectionLikelyNotUsed
&& $hasSessionCookieSecureFlag
&& $isSecureConnectionAssumedByPiwikButNotForcedYet;
}
/** /**
* @return string * @return string
*/ */
public static function getCurrentSchemeFromRequestHeader() protected static function getCurrentSchemeFromRequestHeader()
{ {
if ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] === true)) if ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] === true))
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
...@@ -691,16 +706,17 @@ class Url ...@@ -691,16 +706,17 @@ class Url
return 'http'; return 'http';
} }
protected static function isSecureConnectionLikelyNotUsed()
{
return Url::getCurrentSchemeFromRequestHeader() == 'http';
}
/** /**
* @return bool * @return bool
*/ */
public static function isPiwikServerAssumeSecureConnectionIsUsed() protected static function isPiwikConfiguredToAssumeSecureConnection()
{ {
try { $assume_secure_protocol = @Config::getInstance()->General['assume_secure_protocol'];
$assume_secure_protocol = @Config::getInstance()->General['assume_secure_protocol']; return (bool) $assume_secure_protocol;
} catch (Exception $e) {
$assume_secure_protocol = false;
}
return $assume_secure_protocol;
} }
} }
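Review bot: In `isPiwikConfiguredToAssumeSecureConnection()` (last hunk of this file) the `try`/`catch` around the config read is dropped and only `@` remains, but `@` silences warnings and notices, not exceptions, so if `Config::getInstance()` or the `General` lookup can throw (for instance before a config file exists, which is not visible here), `getCurrentScheme()` now propagates it. Either keep the guard, e.g. `try { return (bool) Config::getInstance()->General['assume_secure_protocol']; } catch (\Exception $e) { return false; }`, or add a comment stating why the read cannot throw. The same commit narrows `getCurrentSchemeFromRequestHeader()` and the renamed method from `public` to `protected`, which breaks any caller outside `Url` and its subclasses, so a deprecated public alias or a changelog entry would help. `isSecureConnectionAssumedByPiwikButNotForcedYet()` carries only `@return bool`; I would add a docblock saying the result depends on the scheme read from the request, including `X-Forwarded-Proto`, which a client can set unless a trusted proxy overwrites it, so the value is fit for the diagnostic hint but not for an access decision.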
...@@ -9,7 +9,6 @@ ...@@ -9,7 +9,6 @@
namespace Piwik\Plugins\Login; namespace Piwik\Plugins\Login;
use Exception; use Exception;
use Piwik\Auth as AuthInterface;
use Piwik\Common; use Piwik\Common;
use Piwik\Config; use Piwik\Config;
use Piwik\Container\StaticContainer; use Piwik\Container\StaticContainer;
...@@ -17,10 +16,8 @@ use Piwik\Cookie; ...@@ -17,10 +16,8 @@ use Piwik\Cookie;
use Piwik\Log; use Piwik\Log;
use Piwik\Nonce; use Piwik\Nonce;
use Piwik\Piwik; use Piwik\Piwik;
use Piwik\ProxyHttp;
use Piwik\QuickForm2; use Piwik\QuickForm2;
use Piwik\Session; use Piwik\Session;
use Piwik\SettingsPiwik;
use Piwik\Url; use Piwik\Url;
use Piwik\View; use Piwik\View;
...@@ -219,7 +216,7 @@ class Controller extends \Piwik\Plugin\Controller ...@@ -219,7 +216,7 @@ class Controller extends \Piwik\Plugin\Controller
{ {
$message = Piwik::translate('Login_InvalidNonceOrHeadersOrReferrer', array('<a href="?module=Proxy&action=redirect&url=' . urlencode('http://piwik.org/faq/how-to-install/#faq_98') . '" target="_blank">', '</a>')); $message = Piwik::translate('Login_InvalidNonceOrHeadersOrReferrer', array('<a href="?module=Proxy&action=redirect&url=' . urlencode('http://piwik.org/faq/how-to-install/#faq_98') . '" target="_blank">', '</a>'));
$message .= $this->getMessageExceptionNoAccessWhenInsecureConnectionMayBeUsed($message); $message .= $this->getMessageExceptionNoAccessWhenInsecureConnectionMayBeUsed();
return $message; return $message;
} }
...@@ -228,21 +225,12 @@ class Controller extends \Piwik\Plugin\Controller ...@@ -228,21 +225,12 @@ class Controller extends \Piwik\Plugin\Controller
* The Session cookie is set to a secure cookie, when SSL is mis-configured, it can cause the PHP session cookie ID to change on each page view. * The Session cookie is set to a secure cookie, when SSL is mis-configured, it can cause the PHP session cookie ID to change on each page view.
* Indicate to user how to solve this particular use case by forcing secure connections. * Indicate to user how to solve this particular use case by forcing secure connections.
* *
* @param $message
* @return string * @return string
*/ */
protected function getMessageExceptionNoAccessWhenInsecureConnectionMayBeUsed($message) protected function getMessageExceptionNoAccessWhenInsecureConnectionMayBeUsed()
{ {
$message = ''; $message = '';
if(Url::isSecureConnectionAssumedByPiwikButNotForcedYet()) {
$isSecureConnectionLikelyNotUsed = Url::getCurrentSchemeFromRequestHeader() == 'http';
$hasSessionCookieSecureFlag = ProxyHttp::isHttps();
$isSecureConnectionAssumedByPiwikButNotForcedYet = Url::isPiwikServerAssumeSecureConnectionIsUsed() && !SettingsPiwik::isHttpsForced();
if ( $isSecureConnectionLikelyNotUsed
&& $hasSessionCookieSecureFlag
&& $isSecureConnectionAssumedByPiwikButNotForcedYet
) {
$message = '<br/><br/>' . Piwik::translate('Login_InvalidNonceSSLMisconfigured', $message = '<br/><br/>' . Piwik::translate('Login_InvalidNonceSSLMisconfigured',
array( array(
'<a href="?module=Proxy&action=redirect&url=' . urlencode('<a href="http://piwik.org/faq/how-to/faq_91/">') . '">', '<a href="?module=Proxy&action=redirect&url=' . urlencode('<a href="http://piwik.org/faq/how-to/faq_91/">') . '">',
...@@ -381,5 +369,4 @@ class Controller extends \Piwik\Plugin\Controller ...@@ -381,5 +369,4 @@ class Controller extends \Piwik\Plugin\Controller
Url::redirectToUrl($logoutUrl); Url::redirectToUrl($logoutUrl);
} }
} }
} }
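Review bot: The `Login_InvalidNonceSSLMisconfigured` link in `getMessageExceptionNoAccessWhenInsecureConnectionMayBeUsed()` passes a whole anchor tag to `urlencode()`, `urlencode('<a href="http://piwik.org/faq/how-to/faq_91/">')`, so the `url=` parameter handed to the Proxy redirect is HTML markup rather than a URL and the help link presumably cannot resolve. The line is unchanged context, but this commit reworks the method and is a natural place to correct it to `'<a href="?module=Proxy&action=redirect&url=' . urlencode('http://piwik.org/faq/how-to/faq_91/') . '">',`, matching how the faq_98 link is built a few lines above. The method body continues past the end of the hunk, so the remaining array entries are not visible here. As a style point, the added `if(Url::isSecureConnectionAssumedByPiwikButNotForcedYet()) {` lacks the space after `if` that the rest of the file uses.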