summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/Controller/ChatController.php16
-rw-r--r--psalm.xml2
-rw-r--r--tests/php/Controller/ChatControllerTest.php6
3 files changed, 8 insertions, 16 deletions
diff --git a/lib/Controller/ChatController.php b/lib/Controller/ChatController.php
index f82d2fd08..4bd64c9d8 100644
--- a/lib/Controller/ChatController.php
+++ b/lib/Controller/ChatController.php
@@ -24,7 +24,6 @@ declare(strict_types=1);
namespace OCA\Talk\Controller;
-use OC\Security\TrustedDomainHelper;
use OCA\Talk\Chat\AutoComplete\SearchPlugin;
use OCA\Talk\Chat\AutoComplete\Sorter;
use OCA\Talk\Chat\ChatManager;
@@ -53,6 +52,7 @@ use OCP\IRequest;
use OCP\IUserManager;
use OCP\RichObjectStrings\InvalidObjectExeption;
use OCP\RichObjectStrings\IValidator;
+use OCP\Security\ITrustedDomainHelper;
use OCP\User\Events\UserLiveStatusEvent;
use OCP\UserStatus\IManager as IUserStatusManager;
use OCP\UserStatus\IUserStatus;
@@ -110,7 +110,7 @@ class ChatController extends AEnvironmentAwareController {
/** @var IValidator */
protected $richObjectValidator;
- /** @var TrustedDomainHelper */
+ /** @var ITrustedDomainHelper */
protected $trustedDomainHelper;
/** @var IL10N */
@@ -134,7 +134,7 @@ class ChatController extends AEnvironmentAwareController {
ITimeFactory $timeFactory,
IEventDispatcher $eventDispatcher,
IValidator $richObjectValidator,
- TrustedDomainHelper $trustedDomainHelper,
+ ITrustedDomainHelper $trustedDomainHelper,
IL10N $l) {
parent::__construct($appName, $request);
@@ -291,14 +291,8 @@ class ChatController extends AEnvironmentAwareController {
$data['type'] = $objectType;
$data['id'] = $objectId;
- if (isset($data['link'])) {
- $parsedUrl = parse_url($data['link']);
- $domain = $parsedUrl['host'] ?? '';
- $domain .= isset($parsedUrl['port']) && $parsedUrl['port'] ? (':' . $parsedUrl['port']) : '';
-
- if (!$this->trustedDomainHelper->isTrustedDomain($domain)) {
- return new DataResponse([], Http::STATUS_BAD_REQUEST);
- }
+ if (isset($data['link']) && !$this->trustedDomainHelper->isTrustedUrl($data['link'])) {
+ return new DataResponse([], Http::STATUS_BAD_REQUEST);
}
try {
diff --git a/psalm.xml b/psalm.xml
index f326607cf..48a82f9cd 100644
--- a/psalm.xml
+++ b/psalm.xml
@@ -25,7 +25,6 @@
<referencedClass name="Doctrine\DBAL\Types\Types" />
<referencedClass name="GuzzleHttp\Exception\ClientException" />
<referencedClass name="OC" />
- <referencedClass name="OC\Security\TrustedDomainHelper" />
<referencedClass name="OCA\Circles\Api\v1\Circles" />
<referencedClass name="OCA\Circles\Events\AddingCircleMemberEvent" />
<referencedClass name="OCA\Circles\Events\CircleDestroyedEvent" />
@@ -47,7 +46,6 @@
<referencedClass name="Doctrine\DBAL\Schema\SchemaException" />
<referencedClass name="Doctrine\DBAL\Schema\Table" />
<referencedClass name="OC\DB\ConnectionAdapter" />
- <referencedClass name="OC\Security\TrustedDomainHelper" />
<referencedClass name="OCA\Circles\Model\Member" />
<referencedClass name="OCA\DAV\CardDAV\PhotoCache" />
<referencedClass name="OCA\FederatedFileSharing\AddressHandler" />
diff --git a/tests/php/Controller/ChatControllerTest.php b/tests/php/Controller/ChatControllerTest.php
index 250c92c59..92473c7fd 100644
--- a/tests/php/Controller/ChatControllerTest.php
+++ b/tests/php/Controller/ChatControllerTest.php
@@ -23,7 +23,6 @@
namespace OCA\Talk\Tests\php\Controller;
-use OC\Security\TrustedDomainHelper;
use OCA\Talk\Chat\AutoComplete\SearchPlugin;
use OCA\Talk\Chat\ChatManager;
use OCA\Talk\Chat\MessageParser;
@@ -49,6 +48,7 @@ use OCP\IRequest;
use OCP\IUser;
use OCP\IUserManager;
use OCP\RichObjectStrings\IValidator;
+use OCP\Security\ITrustedDomainHelper;
use OCP\UserStatus\IManager as IUserStatusManager;
use PHPUnit\Framework\Constraint\Callback;
use PHPUnit\Framework\MockObject\MockObject;
@@ -88,7 +88,7 @@ class ChatControllerTest extends TestCase {
protected $timeFactory;
/** @var IValidator|MockObject */
protected $richObjectValidator;
- /** @var TrustedDomainHelper|MockObject */
+ /** @var ITrustedDomainHelper|MockObject */
protected $trustedDomainHelper;
/** @var IL10N|MockObject */
private $l;
@@ -121,7 +121,7 @@ class ChatControllerTest extends TestCase {
$this->eventDispatcher = $this->createMock(IEventDispatcher::class);
$this->timeFactory = $this->createMock(ITimeFactory::class);
$this->richObjectValidator = $this->createMock(IValidator::class);
- $this->trustedDomainHelper = $this->createMock(TrustedDomainHelper::class);
+ $this->trustedDomainHelper = $this->createMock(ITrustedDomainHelper::class);
$this->l = $this->createMock(IL10N::class);
$this->room = $this->createMock(Room::class);
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-18 12:13:24 +0000