diff options
Diffstat (limited to 'classes')
-rw-r--r-- | classes/errors.php | 5 | ||||
-rwxr-xr-x | classes/rpc.php | 13 |
2 files changed, 15 insertions, 3 deletions
diff --git a/classes/errors.php b/classes/errors.php index be175418e..3599c2639 100644 --- a/classes/errors.php +++ b/classes/errors.php @@ -5,8 +5,9 @@ class Errors { const E_UNKNOWN_METHOD = "E_UNKNOWN_METHOD"; const E_UNKNOWN_PLUGIN = "E_UNKNOWN_PLUGIN"; const E_SCHEMA_MISMATCH = "E_SCHEMA_MISMATCH"; + const E_URL_SCHEME_MISMATCH = "E_URL_SCHEME_MISMATCH"; - static function to_json(string $code) { - return json_encode(["error" => ["code" => $code]]); + static function to_json(string $code, array $params = []) { + return json_encode(["error" => ["code" => $code, "params" => $params]]); } } diff --git a/classes/rpc.php b/classes/rpc.php index aaaf4f8d5..630ea50cb 100755 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -168,10 +168,21 @@ class RPC extends Handler_Protected { $_SESSION["hasSandbox"] = clean($_REQUEST["hasSandbox"]) === "true"; $_SESSION["clientTzOffset"] = clean($_REQUEST["clientTzOffset"]); + $client_location = $_REQUEST["clientLocation"]; + $error = Errors::E_SUCCESS; + $error_params = []; + + $client_scheme = parse_url($client_location, PHP_URL_SCHEME); + $server_scheme = parse_url(get_self_url_prefix(), PHP_URL_SCHEME); if (get_schema_version() != SCHEMA_VERSION) { $error = Errors::E_SCHEMA_MISMATCH; + } else if ($client_scheme != $server_scheme) { + $error = Errors::E_URL_SCHEME_MISMATCH; + $error_params["client_scheme"] = $client_scheme; + $error_params["server_scheme"] = $server_scheme; + $error_params["self_url_path"] = get_self_url_prefix(); } if ($error == Errors::E_SUCCESS) { @@ -183,7 +194,7 @@ class RPC extends Handler_Protected { print json_encode($reply); } else { - print Errors::to_json($error); + print Errors::to_json($error, $error_params); } } |