Issue #56: Validate client url scheme instead of server url scheme.

CollaboraOnline · Dec 3, 2024 · fd198be · fd198be
1 parent e4d0cb9
commit fd198be
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 13 deletions.
diff --git a/src/Controller/ViewerController.php b/src/Controller/ViewerController.php
@@ -18,6 +18,7 @@
 use Drupal\Core\Controller\ControllerBase;
 use Drupal\Core\Render\RendererInterface;
 use Drupal\media\Entity\Media;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 
 /**
@@ -43,14 +44,16 @@ public function __construct(
    *
    * @param \Drupal\media\Entity\Media $media
    *   Media entity.
+   * @param \Symfony\Component\HttpFoundation\Request $request
+   *   The incoming request.
    * @param bool $edit
    *   TRUE to open Collabora Online in edit mode.
    *   FALSE to open Collabora Online in readonly mode.
    *
    * @return \Symfony\Component\HttpFoundation\Response
    *   Response suitable for iframe, without the usual page decorations.
    */
-  public function editor(Media $media, $edit = FALSE) {
+  public function editor(Media $media, Request $request, $edit = FALSE) {
     $options = [
       'closebutton' => 'true',
     ];
@@ -73,6 +76,22 @@ public function editor(Media $media, $edit = FALSE) {
       );
     }
 
+    $current_request_scheme = $request->getScheme();
+    if (!str_starts_with($wopi_client_url, $current_request_scheme . '://')) {
+      $this->getLogger('cool')->error($this->t(
+        "The current request uses '@current_request_scheme' url scheme, but the Collabora client url is '@wopi_client_url'.",
+        [
+          '@current_request_scheme' => $current_request_scheme,
+          '@wopi_client_url' => $wopi_client_url,
+        ],
+      ));
+      return new Response(
+        (string) $this->t('Viewer error: Protocol mismatch.'),
+        Response::HTTP_BAD_REQUEST,
+        ['content-type' => 'text/plain'],
+      );
+    }
+
     $render_array = CoolUtils::getViewerRender($media, $wopi_client_url, $edit, $options);
 
     $render_array['#theme'] = 'collabora_online_full';

diff --git a/src/Cool/CollaboraDiscoveryFetcher.php b/src/Cool/CollaboraDiscoveryFetcher.php
@@ -112,18 +112,6 @@ protected function getWopiClientServerBaseUrl(): string {
       );
     }
 
-    $host_scheme = isset($_SERVER['HTTPS']) ? 'https' : 'http';
-    if (!str_starts_with($wopi_client_server, $host_scheme . '://')) {
-      throw new CollaboraNotAvailableException(
-        sprintf(
-          "The url scheme '%s' of the current request does not match the url scheme of the configured Collabora Online server address '%s'.",
-          $host_scheme,
-          $wopi_client_server,
-        ),
-        202,
-      );
-    }
-
     return $wopi_client_server;
   }