URL encode double slash in request to /lool/

[ghost]

Environment:

ownCloud 9.1.6 richdocuments 1.1.24 nginx + config from https://www.collaboraoffice.com/code/#getting_set_up

Hi,

i've noticed that i can't get the above setup to work and documents won't open after clicking on them (The CODE GUI is shown but nothing more) within ownCloud.

After digging into the access logs of the nginx server i've noticed the following entry:

xx.yy.zz - - [23/Aug/2017:13:58:07 +0000] "POST /loleaflet/123/loleaflet.html?WOPISrc=https%3A%2F%2Fexample.com%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F123&title=example.txt&lang=en-gb&closebutton=1&revisionhistory=1 HTTP/1.0" 200 4044 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"

xx.yy.zz. - - [23/Aug/2017:13:58:11 +0000] "GET /lool/https:/example.com/apps/richdocuments/wopi/files/123%3Faccess_token=456&access_token_ttl=0&permission=edit/ws HTTP/1.0" 400 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"

As it is quite common that webservers are replacing a // by a single / it looks like the request got broken somehow and thus now creating the 400 / Bad Request.

I'm not really into the code of ownCloud or richdocuments but shouldn't at least a URL encoding for the // be done?

[ghost]

Mhhh, just stumbled over the following for Apache:

  # Encoded slashes need to be allowed
  AllowEncodedSlashes NoDecode

in https://www.collaboraoffice.com/code/#getting_set_up

So maybe its just a matter of updating the nginx config in https://www.collaboraoffice.com/code/#getting_set_up to allow the same?

[JKawohl]

@kdslkdsaldsal sorry for capturing this thread could you please, please, please contact me at john |at| ownCloud.com ?