From 7622f6afccf44556b2c00deed9c033e5d36f6b7b Mon Sep 17 00:00:00 2001 From: epriestley Date: Sat, 21 Apr 2018 09:08:13 -0700 Subject: [PATCH] Fix excessively severe CSP URI error during first-time setup Summary: See D19394. Currently, during first-time setup before you configure "phabricator.base-uri", we may attempt to generate a setup page, try to generate a CSP header for it, and fail to access the environmental config. This causes a too-severe error page ("configure phabricator.base-uri") instead of preflight guidance (like "can't connect to MySQL"). Instead, treat this more like "security.alternate-file-domain" and just bail on CSP if we can't fetch it. Test Plan: On a fresh (non-explodey laptop) install with critical setup errors (no MySQL installed yet), loaded Phabricator. Before: error about phabricator.base-uri. After: more helpful guidance about installing/configuring MySQL. Reviewers: amckinley, avivey Reviewed By: amckinley Differential Revision: https://secure.phabricator.com/D19396 --- src/aphront/response/AphrontResponse.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/aphront/response/AphrontResponse.php b/src/aphront/response/AphrontResponse.php index fe1e80318f..2e6513c7a8 100644 --- a/src/aphront/response/AphrontResponse.php +++ b/src/aphront/response/AphrontResponse.php @@ -113,6 +113,7 @@ abstract class AphrontResponse extends Phobject { try { $cdn = PhabricatorEnv::getEnvConfig('security.alternate-file-domain'); + $base_uri = PhabricatorEnv::getURI('/'); } catch (Exception $ex) { return null; } @@ -124,8 +125,6 @@ abstract class AphrontResponse extends Phobject { // If an alternate file domain is not configured and the user is viewing // a Phame blog on a custom domain or some other custom site, we'll still // serve resources from the main site. Include the main site explicitly. - - $base_uri = PhabricatorEnv::getURI('/'); $base_uri = $this->newContentSecurityPolicySource($base_uri); $default = "'self' {$base_uri}";