fix: IRequest::getHeader() can return null which needs to be checked

Author: DeepDiver1975

apps/dav/lib/Connector/PublicAuth.php

@@ -103,7 +103,7 @@ protected function validateUserPass($username, $password) {
 				} elseif ($this->shareManager->checkPassword($share, $password)) {
 					return true;
 				} else {
-					if (\in_array('XMLHttpRequest', \explode(',', $this->request->getHeader('X-Requested-With')))) {
+					if (\in_array('XMLHttpRequest', \explode(',', $this->request->getHeader('X-Requested-With') ?? ''), true)) {
 						// do not re-authenticate over ajax, use dummy auth name to prevent browser popup
 						\http_response_code(401);
 						\header('WWW-Authenticate', 'DummyBasic realm="' . $this->realm . '"');

apps/federatedfilesharing/lib/Panels/GeneralPersonalPanel.php

@@ -64,7 +64,7 @@ public function getSectionID() {
 
 	public function getPanel() {
 		$isIE8 = false;
-		\preg_match('/MSIE (.*?);/', $this->request->getHeader('User-Agent'), $matches);
+		\preg_match('/MSIE (.*?);/', $this->request->getHeader('User-Agent') ?? '', $matches);
 		if (\count($matches) > 0 && $matches[1] <= 9) {
 			$isIE8 = true;
 		}

apps/files/ajax/download.php

@@ -67,7 +67,7 @@
  * Http range requests support
  */
 if (isset($_SERVER['HTTP_RANGE'])) {
-	$server_params['range'] = \OC::$server->getRequest()->getHeader('Range');
+	$server_params['range'] = \OC::$server->getRequest()->getHeader('Range') ?? '';
 }
 
 OC_Files::get($dir, $files_list, $server_params);

apps/files_sharing/lib/Controllers/ShareController.php

@@ -543,8 +543,9 @@ public function downloadShare($token, $files = null, $path = '', $downloadStartS
 		/**
 		 * Http range requests support
 		 */
-		if (isset($_SERVER['HTTP_RANGE'])) {
-			$server_params['range'] = $this->request->getHeader('Range');
+		$range_header = $this->request->getHeader('Range');
+		if ($range_header !== null) {
+			$server_params['range'] = $range_header;
 		}
 
 		// download selected files

lib/private/AppFramework/Http/Dispatcher.php

@@ -153,7 +153,7 @@ private function executeController($controller, $methodName) {
 				(
 					$this->request->method === 'GET' ||
 					\strpos(
-						$this->request->getHeader('Content-Type'),
+						$this->request->getHeader('Content-Type') ?? '',
 						'application/x-www-form-urlencoded'
 					) !== false
 				)
@@ -175,7 +175,7 @@ private function executeController($controller, $methodName) {
 
 			// if none is given try the first Accept header
 			if ($format === null) {
-				$headers = $this->request->getHeader('Accept');
+				$headers = $this->request->getHeader('Accept') ?? '';
 				$format = $controller->getResponderByHTTPHeader($headers);
 			}
 

lib/private/AppFramework/Http/Request.php

@@ -292,7 +292,7 @@ public function __unset($id) {
 	 * @param string $name
 	 * @return string|null
 	 */
-	public function getHeader($name) {
+	public function getHeader(string $name): ?string {
 		$name = \strtoupper(\str_replace(['-'], ['_'], $name));
 		if (isset($this->server['HTTP_' . $name])) {
 			return $this->server['HTTP_' . $name];
@@ -391,8 +391,8 @@ protected function getContent() {
 		if ($this->method === 'PUT'
 			&& $this->getHeader('Content-Length') !== 0
 			&& $this->getHeader('Content-Length') !== null
-			&& \strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') === false
-			&& \strpos($this->getHeader('Content-Type'), 'application/json') === false
+			&& \strpos($this->getHeader('Content-Type') ?? '', 'application/x-www-form-urlencoded') === false
+			&& \strpos($this->getHeader('Content-Type') ?? '', 'application/json') === false
 		) {
 			if ($this->content === false) {
 				throw new \LogicException(
@@ -431,7 +431,7 @@ protected function decodeContent() {
 			// or post correctly
 		} elseif ($this->method !== 'GET'
 				&& $this->method !== 'POST'
-				&& \strpos($this->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
+				&& \strpos($this->getHeader('Content-Type') ?? '', 'application/x-www-form-urlencoded') !== false) {
 			\parse_str(\file_get_contents($this->inputStream), $params);
 			if (\is_array($params)) {
 				$this->items['params'] = $params;

lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php

@@ -209,8 +209,9 @@ public function afterException($controller, $methodName, \Exception $exception)
 		}
 
 		if ($exception instanceof SecurityException) {
-			if ($this->request->getHeader('Accept') !== '*/*'
-				&& \stripos($this->request->getHeader('Accept'), 'html') === false
+			$accept_header = $this->request->getHeader('Accept') ?? '';
+			if ($accept_header !== '*/*'
+				&& \stripos($accept_header, 'html') === false
 			) {
 				$response = new JSONResponse(
 					['message' => $exception->getMessage()],

lib/public/IRequest.php

@@ -67,7 +67,7 @@ interface IRequest {
 	 * @return string|null
 	 * @since 6.0.0
 	 */
-	public function getHeader($name);
+	public function getHeader(string $name): ?string;
 
 	/**
 	 * Lets you access post and get parameters by the index

remote.php

@@ -46,7 +46,7 @@ class RemoteException extends Exception {
 function handleException($e) {
 	$request = \OC::$server->getRequest();
 	// in case the request content type is text/xml - we assume it's a WebDAV request
-	$isXmlContentType = \strpos($request->getHeader('Content-Type'), 'text/xml');
+	$isXmlContentType = \strpos($request->getHeader('Content-Type') ?? '', 'text/xml');
 	if ($isXmlContentType === 0) {
 		// fire up a simple server to properly process the exception
 		$server = new Server();