diff options
author | Justin Clark-Casey (justincc) | 2015-03-04 17:51:11 +0000 |
---|---|---|
committer | Justin Clark-Casey (justincc) | 2015-03-04 18:27:51 +0000 |
commit | 3255335c42ff348465d235a3ccf9558d0d6d414b (patch) | |
tree | 5537a8bb51ef79f1b42a0a29e167da939630f434 /bin/Robust.ini.example | |
parent | Add outbound URL filter to llHttpRequest() and osSetDynamicTextureURL*() scri... (diff) | |
download | opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.zip opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.gz opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.bz2 opensim-SC-3255335c42ff348465d235a3ccf9558d0d6d414b.tar.xz |
Make private services forbid llHTTPRequest() calls by rejecting those that have the X-SecondLife-Shard header.
If you need to enable this, set AllowHttpRequestIn = true in [Network] for all private services or individual [*Service] sections.
Diffstat (limited to 'bin/Robust.ini.example')
-rw-r--r-- | bin/Robust.ini.example | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/bin/Robust.ini.example b/bin/Robust.ini.example index a0b8f50..48deeae 100644 --- a/bin/Robust.ini.example +++ b/bin/Robust.ini.example | |||
@@ -129,6 +129,13 @@ | |||
129 | ;; This is useful in cases where you want to protect most of the services, | 129 | ;; This is useful in cases where you want to protect most of the services, |
130 | ;; but unprotect individual services. Username and Password can also be | 130 | ;; but unprotect individual services. Username and Password can also be |
131 | ;; overriden if you want to use different credentials for the different services. | 131 | ;; overriden if you want to use different credentials for the different services. |
132 | |||
133 | ;; By default, scripts are not allowed to call private services via llHttpRequest() | ||
134 | ;; Such calls are detected by the X-SecondLife-Shared HTTP header | ||
135 | ;; If you allow such calls you must be sure that they are restricted to very trusted scripters | ||
136 | ;; (remember scripts can also be in visiting avatar attachments). | ||
137 | ;; This can be overriden in individual private service sections if necessary | ||
138 | AllowllHTTPRequestIn = false | ||
132 | 139 | ||
133 | ; * The following are for the remote console | 140 | ; * The following are for the remote console |
134 | ; * They have no effect for the local or basic console types | 141 | ; * They have no effect for the local or basic console types |