EVOgeek
/
Vmeda.Online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #2206 from dpalou/MOBILE-3213 

MOBILE-3213 core: Don't use tokenpluginfile for customcert
main
Juan Leyva 2019-12-11 15:40:05 +01:00 committed by GitHub
parent a317925844 4c09231e14
commit be8a3a2b66
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/classes/site.ts
View File

@ -1925,8 +1925,8 @@ export class CoreSite {
* @return Promise resolved with boolean: whether it works or not. * @return Promise resolved with boolean: whether it works or not.
*/ */
checkTokenPluginFile(url: string): Promise<boolean> { checkTokenPluginFile(url: string): Promise<boolean> {
if (!this.infos || !this.infos.userprivateaccesskey) { if (!this.urlUtils.canUseTokenPluginFile(url, this.siteUrl, this.infos && this.infos.userprivateaccesskey)) {
// No access key, cannot use tokenpluginfile. // Cannot use tokenpluginfile.
return Promise.resolve(false); return Promise.resolve(false);
} else if (typeof this.tokenPluginFileWorks != 'undefined') { } else if (typeof this.tokenPluginFileWorks != 'undefined') {
// Already checked. // Already checked.
@ -1937,9 +1937,6 @@ export class CoreSite {
} else if (!this.appProvider.isOnline()) { } else if (!this.appProvider.isOnline()) {
// Not online, cannot check it. Assume it's working, but don't save the result. // Not online, cannot check it. Assume it's working, but don't save the result.
return Promise.resolve(true); return Promise.resolve(true);
} else if (!this.urlUtils.isPluginFileUrl(url)) {
// Not a pluginfile URL, ignore it.
return Promise.resolve(false);
} }
url = this.fixPluginfileURL(url); url = this.fixPluginfileURL(url);

27
src/providers/utils/url.ts
View File

@ -89,6 +89,22 @@ export class CoreUrlUtilsProvider {
return '<a href="' + url + '">' + text + '</a>'; return '<a href="' + url + '">' + text + '</a>';
} }
/**
* Check whether we can use tokenpluginfile.php endpoint for a certain URL.
*
* @param url URL to check.
* @param siteUrl The URL of the site the URL belongs to.
* @param accessKey User access key for tokenpluginfile.
* @return Whether tokenpluginfile.php can be used.
*/
canUseTokenPluginFile(url: string, siteUrl: string, accessKey?: string): boolean {
// Do not use tokenpluginfile if site doesn't use slash params, the URL doesn't work.
// Also, only use it for "core" pluginfile endpoints. Some plugins can implement their own endpoint (like customcert).
return accessKey && !url.match(/[\&?]file=/) && (
url.indexOf(this.textUtils.concatenatePaths(siteUrl, 'pluginfile.php')) === 0 ||
url.indexOf(this.textUtils.concatenatePaths(siteUrl, 'webservice/pluginfile.php')) === 0);
}
/** /**
* Extracts the parameters from a URL and stores them in an object. * Extracts the parameters from a URL and stores them in an object.
* *
@ -151,8 +167,10 @@ export class CoreUrlUtilsProvider {
url = url.replace(/&amp;/g, '&'); url = url.replace(/&amp;/g, '&');
const canUseTokenPluginFile = accessKey && this.canUseTokenPluginFile(url, siteUrl, accessKey);
// First check if we need to fix this url or is already fixed. // First check if we need to fix this url or is already fixed.
if (!accessKey && url.indexOf('token=') != -1) { if (!canUseTokenPluginFile && url.indexOf('token=') != -1) {
return url; return url;
} }
@ -161,11 +179,8 @@ export class CoreUrlUtilsProvider {
return url; return url;
} }
const hasSlashParams = !url.match(/[\&?]file=/); if (canUseTokenPluginFile) {
// Use tokenpluginfile.php.
if (accessKey && hasSlashParams) {
// We have the user access key, use tokenpluginfile.php.
// Do not use it without slash params, the URL doesn't work.
url = url.replace(/(\/webservice)?\/pluginfile\.php/, '/tokenpluginfile.php/' + accessKey); url = url.replace(/(\/webservice)?\/pluginfile\.php/, '/tokenpluginfile.php/' + accessKey);
return url; return url;