From db577ce536a7121366ac6648c30834f38801f412 Mon Sep 17 00:00:00 2001
From: Josh <josh.t.richards@gmail.com>
Date: Tue, 26 Nov 2024 14:48:09 -0500
Subject: [PATCH 1/2] fix: prevent glob expansion on wildcard trusted_domains

Signed-off-by: Josh <josh.t.richards@gmail.com>
---
 docker-entrypoint.sh | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 8e178f2ec..ba2dfea42 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -237,11 +237,13 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP
                         fi
                         if [ -n "${NEXTCLOUD_TRUSTED_DOMAINS+x}" ]; then
                             echo "Setting trusted domains…"
+			    set -f # turn off glob
                             NC_TRUSTED_DOMAIN_IDX=1
-                            for DOMAIN in $NEXTCLOUD_TRUSTED_DOMAINS ; do
-                                DOMAIN=$(echo "$DOMAIN" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
-                                run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=$DOMAIN"
+                            for DOMAIN in ${NEXTCLOUD_TRUSTED_DOMAINS}; do
+                                DOMAIN=$(echo "${DOMAIN}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
+                                run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=\"${DOMAIN}\""
                                 NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
+				set +f # turn glob back on
                             done
                         fi
 

From 2a7d6d89374dca4b58f875b250598547cfbe7a73 Mon Sep 17 00:00:00 2001
From: Josh <josh.t.richards@gmail.com>
Date: Tue, 26 Nov 2024 17:01:14 -0500
Subject: [PATCH 2/2] fix: move glob change outside the loop

Signed-off-by: Josh <josh.t.richards@gmail.com>
---
 docker-entrypoint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index ba2dfea42..4e2618270 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -243,8 +243,8 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP
                                 DOMAIN=$(echo "${DOMAIN}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
                                 run_as "php /var/www/html/occ config:system:set trusted_domains $NC_TRUSTED_DOMAIN_IDX --value=\"${DOMAIN}\""
                                 NC_TRUSTED_DOMAIN_IDX=$((NC_TRUSTED_DOMAIN_IDX+1))
-				set +f # turn glob back on
                             done
+			    set +f # turn glob back on
                         fi
 
                         run_path post-installation