[Libreoffice-commits] online.git: wsd/Storage.cpp

[Mike Kaganski (via logerrit)]

 wsd/Storage.cpp |   13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

New commits:
commit 098c0a5752488909c5b676b5d1fccf52a7515207
Author:     Mike Kaganski <mike.kaganski at collabora.com>
AuthorDate: Wed Feb 19 16:38:47 2020 +0300
Commit:     Mike Kaganski <mike.kaganski at collabora.com>
CommitDate: Wed Feb 19 15:35:26 2020 +0100

    Check that absolute URI is passed to addWopiProof
    
    Change-Id: I28385f330064645dc2c30a3c3180df2a297b2e53
    Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89021
    Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice at gmail.com>
    Reviewed-by: Mike Kaganski <mike.kaganski at collabora.com>

diff --git a/wsd/Storage.cpp b/wsd/Storage.cpp
index ac347071e..e0487f817 100644
--- a/wsd/Storage.cpp
+++ b/wsd/Storage.cpp
@@ -452,10 +452,11 @@ static void addStorageReuseCookie(Poco::Net::HTTPRequest& request, const std::st
 }
 
 // access_token must be decoded
-void addWopiProof(Poco::Net::HTTPRequest& request, const std::string& uri,
+void addWopiProof(Poco::Net::HTTPRequest& request, const Poco::URI& uri,
                   const std::string& access_token)
 {
-    for (const auto& header : GetProofHeaders(access_token, uri))
+    assert(!uri.isRelative());
+    for (const auto& header : GetProofHeaders(access_token, uri.toString()))
         request.set(header.first, header.second);
 }
 
@@ -527,7 +528,7 @@ std::unique_ptr<WopiStorage::WOPIFileInfo> WopiStorage::getWOPIFileInfo(const Au
         addStorageDebugCookie(request);
         if (_reuseCookies)
             addStorageReuseCookie(request, cookies);
-        addWopiProof(request, uriObject.toString(), params["access_token"]);
+        addWopiProof(request, uriObject, params["access_token"]);
         const auto startTime = std::chrono::steady_clock::now();
 
         std::unique_ptr<Poco::Net::HTTPClientSession> psession(getHTTPClientSession(uriObject));
@@ -759,7 +760,7 @@ bool WopiStorage::updateLockState(const Authorization& auth, const std::string&
         addStorageDebugCookie(request);
         if (_reuseCookies)
             addStorageReuseCookie(request, cookies);
-        addWopiProof(request, uriObject.toString(), params["access_token"]);
+        addWopiProof(request, uriObject, params["access_token"]);
 
         psession->sendRequest(request);
         Poco::Net::HTTPResponse response;
@@ -838,7 +839,7 @@ std::string WopiStorage::loadStorageFileToLocal(const Authorization& auth,
         addStorageDebugCookie(request);
         if (_reuseCookies)
             addStorageReuseCookie(request, cookies);
-        addWopiProof(request, uriObject.toString(), params["access_token"]);
+        addWopiProof(request, uriObject, params["access_token"]);
         psession->sendRequest(request);
 
         Poco::Net::HTTPResponse response;
@@ -997,7 +998,7 @@ WopiStorage::saveLocalFileToStorage(const Authorization& auth, const std::string
         addStorageDebugCookie(request);
         if (_reuseCookies)
             addStorageReuseCookie(request, cookies);
-        addWopiProof(request, uriObject.toString(), params["access_token"]);
+        addWopiProof(request, uriObject, params["access_token"]);
         std::ostream& os = psession->sendRequest(request);
 
         std::ifstream ifs(filePath);