upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

Improve success messages for ForwarderForHeaders setup check

Browse source 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This commit is contained in:
Côme Chilliet 2023-11-20 16:12:19 +01:00
parent f023216cf4
commit 1f4e0927ba
No known key found for this signature in database
GPG key ID: A3E2F658B28C760A
2 changed files with 8 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
apps/settings/lib/SetupChecks/BruteForceThrottler.php
View file

@ -55,10 +55,10 @@ class BruteForceThrottler implements ISetupCheck {
if ($address === '') {
if (\OC::$CLI) {
/* We were called from CLI */
return SetupResult::info('Your remote address could not be determined.');
return SetupResult::info($this->l10n->t('Your remote address could not be determined.'));
} else {
/* Should never happen */
return SetupResult::error('Your remote address could not be determined.');
return SetupResult::error($this->l10n->t('Your remote address could not be determined.'));
}
} elseif ($this->throttler->showBruteforceWarning($address)) {
return SetupResult::error(

11
apps/settings/lib/SetupChecks/ForwardedForHeaders.php
View file

@ -53,18 +53,19 @@ class ForwardedForHeaders implements ISetupCheck {
public function run(): SetupResult {
$trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
$remoteAddress = $this->request->getHeader('REMOTE_ADDR');
$detectedRemoteAddress = $this->request->getRemoteAddress();
if (!\is_array($trustedProxies)) {
return SetupResult::error($this->l10n->t('Your trusted_proxies setting is not correctly set, it should be an array.'));
}
if (($remoteAddress === '') && ($this->request->getRemoteAddress() === '')) {
if (($remoteAddress === '') && ($detectedRemoteAddress === '')) {
if (\OC::$CLI) {
/* We were called from CLI */
return SetupResult::info('Your remote address could not be determined.');
return SetupResult::info($this->l10n->t('Your remote address could not be determined.'));
} else {
/* Should never happen */
return SetupResult::error('Your remote address could not be determined.');
return SetupResult::error($this->l10n->t('Your remote address could not be determined.'));
}
}
@ -76,9 +77,9 @@ class ForwardedForHeaders implements ISetupCheck {
}
if (\in_array($remoteAddress, $trustedProxies, true) && ($remoteAddress !== '127.0.0.1')) {
if ($remoteAddress !== $this->request->getRemoteAddress()) {
if ($remoteAddress !== $detectedRemoteAddress) {
/* Remote address was successfuly fixed */
return SetupResult::success('Working');
return SetupResult::success($this->l10n->t('Your IP address was resolved as %s', $detectedRemoteAddress));
} else {
return SetupResult::warning(
$this->l10n->t('The reverse proxy header configuration is incorrect, or you are accessing Nextcloud from a trusted proxy. If not, this is a security issue and can allow an attacker to spoof their IP address as visible to the Nextcloud.'),