EVOgeek
/
Vmeda.Online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #2206 from dpalou/MOBILE-3213 

MOBILE-3213 core: Don't use tokenpluginfile for customcert
main
Juan Leyva 2019-12-11 15:40:05 +01:00 committed by GitHub
parent a317925844 4c09231e14
commit be8a3a2b66
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/classes/site.ts
View File

@ -1925,8 +1925,8 @@ export class CoreSite {
* @return Promise resolved with boolean: whether it works or not.
*/
checkTokenPluginFile(url: string): Promise<boolean> {
if (!this.infos || !this.infos.userprivateaccesskey) {
// No access key, cannot use tokenpluginfile.
if (!this.urlUtils.canUseTokenPluginFile(url, this.siteUrl, this.infos && this.infos.userprivateaccesskey)) {
// Cannot use tokenpluginfile.
return Promise.resolve(false);
} else if (typeof this.tokenPluginFileWorks != 'undefined') {
// Already checked.
@ -1937,9 +1937,6 @@ export class CoreSite {
} else if (!this.appProvider.isOnline()) {
// Not online, cannot check it. Assume it's working, but don't save the result.
return Promise.resolve(true);
} else if (!this.urlUtils.isPluginFileUrl(url)) {
// Not a pluginfile URL, ignore it.
return Promise.resolve(false);
}
url = this.fixPluginfileURL(url);

27
src/providers/utils/url.ts
View File

@ -89,6 +89,22 @@ export class CoreUrlUtilsProvider {
return '<a href="' + url + '">' + text + '</a>';
}
/**
* Check whether we can use tokenpluginfile.php endpoint for a certain URL.
*
* @param url URL to check.
* @param siteUrl The URL of the site the URL belongs to.
* @param accessKey User access key for tokenpluginfile.
* @return Whether tokenpluginfile.php can be used.
*/
canUseTokenPluginFile(url: string, siteUrl: string, accessKey?: string): boolean {
// Do not use tokenpluginfile if site doesn't use slash params, the URL doesn't work.
// Also, only use it for "core" pluginfile endpoints. Some plugins can implement their own endpoint (like customcert).
return accessKey && !url.match(/[\&?]file=/) && (
url.indexOf(this.textUtils.concatenatePaths(siteUrl, 'pluginfile.php')) === 0 ||
url.indexOf(this.textUtils.concatenatePaths(siteUrl, 'webservice/pluginfile.php')) === 0);
}
/**
* Extracts the parameters from a URL and stores them in an object.
*
@ -151,8 +167,10 @@ export class CoreUrlUtilsProvider {
url = url.replace(/&amp;/g, '&');
const canUseTokenPluginFile = accessKey && this.canUseTokenPluginFile(url, siteUrl, accessKey);
// First check if we need to fix this url or is already fixed.
if (!accessKey && url.indexOf('token=') != -1) {
if (!canUseTokenPluginFile && url.indexOf('token=') != -1) {
return url;
}
@ -161,11 +179,8 @@ export class CoreUrlUtilsProvider {
return url;
}
const hasSlashParams = !url.match(/[\&?]file=/);
if (accessKey && hasSlashParams) {
// We have the user access key, use tokenpluginfile.php.
// Do not use it without slash params, the URL doesn't work.
if (canUseTokenPluginFile) {
// Use tokenpluginfile.php.
url = url.replace(/(\/webservice)?\/pluginfile\.php/, '/tokenpluginfile.php/' + accessKey);
return url;