Detect un-cookieable domain confiugration and explode

Summary: Chrome/Chromium won't set cookies on these domains, at least under Ubuntu. See T754. Detect brokenness and explode. Test Plan: Logged into phabricator as "http://derps/" (failed) and "http://derps.com/" (worked) in Chromium. Set config to "http://derps/" (config exploded) and "http://local.aphront.com/" (config OK). Reviewers: btrahan, jungejason Reviewed By: btrahan CC: aran, btrahan Maniphest Tasks: T754 Differential Revision: https://secure.phabricator.com/D1355
2012-01-10 16:42:00 -08:00
parent 840eb46d03
commit af37b637f5
2 changed files with 41 additions and 5 deletions
--- a/src/infrastructure/setup/PhabricatorSetup.php
+++ b/src/infrastructure/setup/PhabricatorSetup.php
@@ -1,7 +1,7 @@
 <?php

 /*
- * Copyright 2011 Facebook, Inc.
+ * Copyright 2012 Facebook, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -250,7 +250,8 @@ class PhabricatorSetup {
      return;
    } else {
      $host = PhabricatorEnv::getEnvConfig('phabricator.base-uri');
-      $protocol = id(new PhutilURI($host))->getProtocol();
+      $host_uri = new PhutilURI($host);
+      $protocol = $host_uri->getProtocol();
      $allowed_protocols = array(
        'http'  => true,
        'https' => true,
@@ -264,7 +265,7 @@ class PhabricatorSetup {
        return;
      }
      if (preg_match('/.*\/$/', $host)) {
-        self::write(" okay  phabricator.base-uri\n");
+        self::write(" okay  phabricator.base-uri protocol\n");
      } else {
        self::writeFailure();
        self::write(
@@ -275,6 +276,19 @@ class PhabricatorSetup {
          "options.\n");
        return;
      }
+
+      $host_domain = $host_uri->getDomain();
+      if (strpos($host_domain, '.') !== false) {
+        self::write(" okay  phabricator.base-uri domain\n");
+      } else {
+        self::writeFailure();
+        self::write(
+          "You must host Phabricator on a domain that contains a dot ('.'). ".
+          "The current domain, '{$host_domain}', does not have a dot, so some ".
+          "browsers will not set cookies on it. For instance, ".
+          "'http://example.com/ is OK, but 'http://example/' won't work.");
+        return;
+      }
    }

    $timezone = nonempty(