aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs
diff options
context:
space:
mode:
authorJustin Clark-Casey (justincc)2015-03-04 17:51:11 +0000
committerJustin Clark-Casey (justincc)2015-03-04 18:27:51 +0000
commit3255335c42ff348465d235a3ccf9558d0d6d414b (patch)
tree5537a8bb51ef79f1b42a0a29e167da939630f434 /OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs
parentAdd outbound URL filter to llHttpRequest() and osSetDynamicTextureURL*() scri... (diff)
downloadopensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.zip
opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.gz
opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.bz2
opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.xz
Make private services forbid llHTTPRequest() calls by rejecting those that have the X-SecondLife-Shard header.
If you need to enable this, set AllowHttpRequestIn = true in [Network] for all private services or individual [*Service] sections.
Diffstat (limited to 'OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs')
-rw-r--r--OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs57
1 files changed, 57 insertions, 0 deletions
diff --git a/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs b/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs
new file mode 100644
index 0000000..1e1ee56
--- /dev/null
+++ b/OpenSim/Framework/ServiceAuth/DisallowLlHttpRequest.cs
@@ -0,0 +1,57 @@
1/*
2 * Copyright (c) Contributors, http://opensimulator.org/
3 * See CONTRIBUTORS.TXT for a full list of copyright holders.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions are met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * * Neither the name of the OpenSimulator Project nor the
13 * names of its contributors may be used to endorse or promote products
14 * derived from this software without specific prior written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 */
27
28using System;
29using System.Collections.Specialized;
30using System.Net;
31
32namespace OpenSim.Framework.ServiceAuth
33{
34 public class DisallowLlHttpRequest : IServiceAuth
35 {
36 public void AddAuthorization(NameValueCollection headers) {}
37
38 public bool Authenticate(string data)
39 {
40 return false;
41 }
42
43 public bool Authenticate(NameValueCollection requestHeaders, AddHeaderDelegate d, out HttpStatusCode statusCode)
44 {
45// Console.WriteLine("DisallowLlHttpRequest");
46
47 if (requestHeaders["X-SecondLife-Shard"] != null)
48 {
49 statusCode = HttpStatusCode.Forbidden;
50 return false;
51 }
52
53 statusCode = HttpStatusCode.OK;
54 return true;
55 }
56 }
57} \ No newline at end of file