Skip to content
Snippets Groups Projects
Unverified Commit 329ffa25 authored by Joas Schilling's avatar Joas Schilling
Browse files

Log an error when setting a custom header on "Not Modified" responses 


Signed-off-by: default avatarJoas Schilling <coding@schilljs.com>
parent 8506d086
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/public/AppFramework/Http/Response.php
+ 14
0
View file @ 329ffa25
...@@ -38,6 +38,8 @@ namespace OCP\AppFramework\Http; ...@@ -38,6 +38,8 @@ namespace OCP\AppFramework\Http;
use OCP\AppFramework\Http; use OCP\AppFramework\Http;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IConfig;
use Psr\Log\LoggerInterface;
/** /**
* Base class for responses. Also used to just send headers. * Base class for responses. Also used to just send headers.
...@@ -203,6 +205,18 @@ class Response { ...@@ -203,6 +205,18 @@ class Response {
// to be able to reliably check for security // to be able to reliably check for security
// headers // headers
if ($this->status === Http::STATUS_NOT_MODIFIED
&& stripos($name, 'x-') === 0) {
/** @var IConfig $config */
$config = \OC::$server->get(IConfig::class);
if ($config->getSystemValueBool('debug', false)) {
\OC::$server->get(LoggerInterface::class)->error(
'Setting a custom header on a 204 or 304 is not supported'
);
}
}
if (is_null($value)) { if (is_null($value)) {
unset($this->headers[$name]); unset($this->headers[$name]);
} else { } else {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment