[Libreoffice-commits] online.git: wsd/FileServer.cpp

Pranav Kant pranavk at collabora.co.uk
Mon May 8 10:03:29 UTC 2017


 wsd/FileServer.cpp |   34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

New commits:
commit 624fc5c5de03c730ce31fa07126097d688725d81
Author: Pranav Kant <pranavk at collabora.co.uk>
Date:   Mon May 8 15:26:16 2017 +0530

    wsd: Use HTTP Referer and then WOPISrc for frame ancestor
    
    This is required in those setups where the document is not served from
    the same host the user is currently connected to. Use the Referer[sic]
    header to set the frame ancestors and, if it is absent, fall back to
    the WOPISrc value provided by the WOPI host.
    
    Change-Id: Ia63a213d10aca2df56a2884e07322c1cd8056ff8

diff --git a/wsd/FileServer.cpp b/wsd/FileServer.cpp
index ac4be4c6..7d7dba3e 100644
--- a/wsd/FileServer.cpp
+++ b/wsd/FileServer.cpp
@@ -394,17 +394,33 @@ void FileServerRequestHandler::preprocessFile(const HTTPRequest& request, Poco::
 {
     const auto host = ((LOOLWSD::isSSLEnabled() || LOOLWSD::isSSLTermination()) ? "wss://" : "ws://") + (LOOLWSD::ServerName.empty() ? request.getHost() : LOOLWSD::ServerName);
     const auto params = Poco::URI(request.getURI()).getQueryParameters();
-    std::string wopiDomain;
-    for (const auto& param : params)
+    std::string frameAncestor;
+    const auto it = request.find("Referer"); // Referer[sic]
+    if (it != request.end())
     {
-        if (param.first == "WOPISrc")
+        frameAncestor = it->second;
+        LOG_TRC("Picking frame ancestor from HTTP Referer header: " << frameAncestor);
+    }
+    else // Use WOPISrc value if Referer is absent
+    {
+        for (const auto& param : params)
         {
-            std::string wopiHost;
-            Poco::URI::decode(param.second, wopiHost);
-            wopiDomain = Poco::URI(wopiHost).getScheme() + "://" + Poco::URI(wopiHost).getHost();
+            if (param.first == "WOPISrc")
+            {
+                Poco::URI::decode(param.second, frameAncestor);
+                LOG_TRC("Picking frame ancestor from WOPISrc: " << frameAncestor);
+                break;
+            }
         }
     }
 
+    // Keep only the origin, reject everything else
+    if (!Poco::URI(frameAncestor).getScheme().empty() && !Poco::URI(frameAncestor).getHost().empty())
+    {
+        frameAncestor = Poco::URI(frameAncestor).getScheme() + "://" + Poco::URI(frameAncestor).getHost();
+        LOG_TRC("Final frame ancestor: " << frameAncestor);
+    }
+
     // Is this a file we read at startup - if not; its not for serving.
     const std::string relPath = getRequestPathname(request);
     LOG_DBG("Preprocessing file: " << relPath);
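Review bot: The block under `// Keep only the origin, reject everything else` never rejects anything: when the scheme or host comes back empty, `frameAncestor` keeps the raw Referer or URL-decoded WOPISrc string. The second hunk then writes that string verbatim into `X-Frame-Options: allow-from` and `frame-ancestors`, so a decoded value containing CR/LF, spaces or `;` may alter the response headers or append CSP directives. Adding `else { frameAncestor.clear(); }` after the `if` would send such requests down the existing no-ancestor branch, and parsing once with `const Poco::URI uri(frameAncestor);` avoids the four repeated constructions, which presumably can also throw on malformed input. Both sources are supplied by the request, so the policy allows whichever origin the caller names, and `getHost()` drops any port; comparing the origin against a configured list of WOPI hosts would be needed for the framing restriction to hold. The body of `preprocessFile` continues outside this hunk.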
@@ -488,11 +504,11 @@ void FileServerRequestHandler::preprocessFile(const HTTPRequest& request, Poco::
            << "style-src 'self' 'unsafe-inline'; "
            << "font-src 'self' data:; "
            << "img-src 'self' data:; ";
-    if (!wopiDomain.empty())
+    if (!frameAncestor.empty())
     {
         // Replaced by frame-ancestors in CSP but some oldies don't know about that
-        oss << "X-Frame-Options: allow-from " << wopiDomain << "\r\n";
-        cspOss << "frame-ancestors " << wopiDomain;
+        oss << "X-Frame-Options: allow-from " << frameAncestor << "\r\n";
+        cspOss << "frame-ancestors " << frameAncestor;
     }
     else
     {

