allow($value); } } else { throw new CAS_TypeMismatchException($list, '$list', 'array'); } } /** * Add a base URL to the allowed list. * * @param $url protocol, host name and port to add to the allowed list * * @return void */ public function allow($url) { $this->_list[] = $this->removeStandardPort($url); } /** * Check if the server name is allowed by configuration. * * @param $name server name to check * * @return bool whether the allowed list contains the server name */ protected function isAllowed($name) { return in_array($name, $this->_list); } /** * Discover the server name through HTTP headers. * * We read: * - HTTP header X-Forwarded-Host * - HTTP header X-Forwarded-Server and X-Forwarded-Port * - HTTP header Host and SERVER_PORT * - PHP SERVER_NAME (which can change based on the HTTP server used) * * The standard port will be omitted (80 for HTTP, 443 for HTTPS). * * @return string the discovered, unsanitized server protocol, hostname and port */ protected function discover() { $isHttps = $this->isHttps(); $protocol = $isHttps ? 'https' : 'http'; $protocol .= '://'; if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) { // explode the host list separated by comma and use the first host $hosts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']); // see rfc7239#5.3 and rfc7230#2.7.1: port is in HTTP_X_FORWARDED_HOST if non default return $protocol . $hosts[0]; } else if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) { $server_url = $_SERVER['HTTP_X_FORWARDED_SERVER']; } else { if (empty($_SERVER['SERVER_NAME'])) { $server_url = $_SERVER['HTTP_HOST']; } else { $server_url = $_SERVER['SERVER_NAME']; } } if (!strpos($server_url, ':')) { if (empty($_SERVER['HTTP_X_FORWARDED_PORT'])) { $server_port = $_SERVER['SERVER_PORT']; } else { $ports = explode(',', $_SERVER['HTTP_X_FORWARDED_PORT']); $server_port = $ports[0]; } $server_url .= ':'; $server_url .= $server_port; } return $protocol . $server_url; } /** * Get PHP server base URL. * * @return string the server protocol, hostname and port */ public function get() { phpCAS::traceBegin(); $result = $this->removeStandardPort($this->discover()); phpCAS::trace("Discovered server base URL: " . $result); if ($this->isAllowed($result)) { phpCAS::trace("Server base URL is allowed"); phpCAS::traceEnd(true); } else { $result = $this->_list[0]; phpCAS::trace("Server base URL is not allowed, using default: " . $result); phpCAS::traceEnd(false); } return $result; } } __halt_compiler();----SIGNATURE:----rP91iFH9l9S7733YCihE9UX44C5uhVMJLmUvgXpjFoUt5xKI4I0q50u/7Sc4WjcMI3Ezd5Eod++PVFzlwQlgqmb8TJz17ARVvHZ871flJdw1iywCOlnjHiqPhett9RPiYjVgP/XI4ecQIJ/mHOQZoeP9XWlcgf/ieE6EuxA28WWHJmP3oI8mJtV9YPfBKQZ2aqMk7LgFquHooM5kk5BuLaKfDGmjsGGr6glh/2TKQk2y7xdzdHVSydrIknzhhBGl8nVsLdpz4hX4doccRl2GZ1+J3tGTSjw+eqWZPUoareFsKnVbnCaRFezh37vmkFL1X1no9in42oNUsvXNK4gvvc8bppyCTyFb9dCAxysN25f5hlmaWAhrlBSayzYRtaNyelwlmsMl4ukxgRismLKoTte6Cqr3BFdivKXYN2IPpv5Ne4UZsYb4/bH2KV3hDWf74Uwyw5mLfLGfxbWpDa1dp5J8cqozULItaaknm7Gj2uoCHNRYI4t1VwBsX9HwolaofWsHSew1sOwDyeWjWovXUyekjIzx65EzswHppaCkwQEutsO+SGjpPDNiBNQqEOlFFLuw1WpT0NRd7ABVKV8TDZ3WJxF5jMtnvmzTJkD4UeYeAuhlkAr+S0o3a5m3F/rgqGzLgMdlWoaB/VvnaRJRn5TjizKgFEicOHlPFI2wSlo=----ATTACHMENT:----ODEzMTE3NzUzMjA1NTUwNCA1MTM3NzUxMDk2NjQ1NzYxIDQ1MjI4OTE3ODI0MDQzNDI=