diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2024-02-22 18:22:47 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2024-02-22 18:22:47 +0100 |
| commit | ba15f985c4b85f33c267c8f76eefdc0d8bd97e11 (patch) | |
| tree | e5cd5db32a26095ae9ba494aa42f2ec139c422be | |
| parent | ff6a7a9d5faee648df31090bfa612e064ab19bfd (diff) | |
| download | dokuwiki-ba15f985c4b85f33c267c8f76eefdc0d8bd97e11.tar.gz dokuwiki-ba15f985c4b85f33c267c8f76eefdc0d8bd97e11.zip | |
API: ignore charset when checking content types
We still expect all communication to be in UTF-8, but we really don't
need a charset attribute for that.
fixes #4218, replaces #4219
| -rw-r--r-- | inc/Remote/JsonRpcServer.php | 4 | ||||
| -rw-r--r-- | inc/Remote/XmlRpcServer.php | 11 |
2 files changed, 7 insertions, 8 deletions
diff --git a/inc/Remote/JsonRpcServer.php b/inc/Remote/JsonRpcServer.php index 40af30c09..f38bf190b 100644 --- a/inc/Remote/JsonRpcServer.php +++ b/inc/Remote/JsonRpcServer.php @@ -44,7 +44,9 @@ class JsonRpcServer header('Allow: POST'); throw new RemoteException("JSON-RPC server only accepts POST requests.", -32606); } - if ($INPUT->server->str('CONTENT_TYPE') !== 'application/json') { + [$contentType] = explode(';', $INPUT->server->str('CONTENT_TYPE'), 2); // ignore charset + $contentType = strtolower($contentType); // mime types are case-insensitive + if ($contentType !== 'application/json') { http_status(415); throw new RemoteException("JSON-RPC server only accepts application/json requests.", -32606); } diff --git a/inc/Remote/XmlRpcServer.php b/inc/Remote/XmlRpcServer.php index 1cfa914e9..a1566b3d2 100644 --- a/inc/Remote/XmlRpcServer.php +++ b/inc/Remote/XmlRpcServer.php @@ -28,19 +28,16 @@ class XmlRpcServer extends Server public function serve($data = false) { global $conf; + global $INPUT; if (!$conf['remote']) { throw new ServerException("XML-RPC server not enabled.", -32605); } if (!empty($conf['remotecors'])) { header('Access-Control-Allow-Origin: ' . $conf['remotecors']); } - if ( - !isset($_SERVER['CONTENT_TYPE']) || - ( - strtolower($_SERVER['CONTENT_TYPE']) !== 'text/xml' && - strtolower($_SERVER['CONTENT_TYPE']) !== 'application/xml' - ) - ) { + [$contentType] = explode(';', $INPUT->server->str('CONTENT_TYPE'), 2); // ignore charset + $contentType = strtolower($contentType); // mime types are case-insensitive + if ($contentType !== 'text/xml' && $contentType !== 'application/xml') { throw new ServerException('XML-RPC server accepts XML requests only.', -32606); } |