diff options
author | Justin Clark-Casey (justincc) | 2015-03-04 17:51:11 +0000 |
---|---|---|
committer | Justin Clark-Casey (justincc) | 2015-03-04 18:27:51 +0000 |
commit | 3255335c42ff348465d235a3ccf9558d0d6d414b (patch) | |
tree | 5537a8bb51ef79f1b42a0a29e167da939630f434 /OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs | |
parent | Add outbound URL filter to llHttpRequest() and osSetDynamicTextureURL*() scri... (diff) | |
download | opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.zip opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.gz opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.bz2 opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.xz |
Make private services forbid llHTTPRequest() calls by rejecting those that have the X-SecondLife-Shard header.
If you need to enable this, set AllowHttpRequestIn = true in [Network] for all private services or individual [*Service] sections.
Diffstat (limited to 'OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs')
-rw-r--r-- | OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs b/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs new file mode 100644 index 0000000..1e1ee56 --- /dev/null +++ b/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs | |||
@@ -0,0 +1,57 @@ | |||
1 | /* | ||
2 | * Copyright (c) Contributors, http://opensimulator.org/ | ||
3 | * See CONTRIBUTORS.TXT for a full list of copyright holders. | ||
4 | * | ||
5 | * Redistribution and use in source and binary forms, with or without | ||
6 | * modification, are permitted provided that the following conditions are met: | ||
7 | * * Redistributions of source code must retain the above copyright | ||
8 | * notice, this list of conditions and the following disclaimer. | ||
9 | * * Redistributions in binary form must reproduce the above copyright | ||
10 | * notice, this list of conditions and the following disclaimer in the | ||
11 | * documentation and/or other materials provided with the distribution. | ||
12 | * * Neither the name of the OpenSimulator Project nor the | ||
13 | * names of its contributors may be used to endorse or promote products | ||
14 | * derived from this software without specific prior written permission. | ||
15 | * | ||
16 | * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY | ||
17 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | ||
18 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | ||
19 | * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY | ||
20 | * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | ||
21 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
22 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND | ||
23 | * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS | ||
25 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
26 | */ | ||
27 | |||
28 | using System; | ||
29 | using System.Collections.Specialized; | ||
30 | using System.Net; | ||
31 | |||
32 | namespace OpenSim.Framework.ServiceAuth | ||
33 | { | ||
34 | public class DisallowLlHttpRequest : IServiceAuth | ||
35 | { | ||
36 | public void AddAuthorization(NameValueCollection headers) {} | ||
37 | |||
38 | public bool Authenticate(string data) | ||
39 | { | ||
40 | return false; | ||
41 | } | ||
42 | |||
43 | public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode) | ||
44 | { | ||
45 | // Console.WriteLine("DisallowLlHttpRequest"); | ||
46 | |||
47 | if (requestHeaders["X-SecondLife-Shard"] != null) | ||
48 | { | ||
49 | statusCode = HttpStatusCode.Forbidden; | ||
50 | return false; | ||
51 | } | ||
52 | |||
53 | statusCode = HttpStatusCode.OK; | ||
54 | return true; | ||
55 | } | ||
56 | } | ||
57 | } \ No newline at end of file | ||