From 3255335c42ff348465d235a3ccf9558d0d6d414b Mon Sep 17 00:00:00 2001
From: Justin Clark-Casey (justincc)
Date: Wed, 4 Mar 2015 17:51:11 +0000
Subject: Make private services forbid llHTTPRequest() calls by rejecting those
 that have the X-SecondLife-Shard header.

If you need to enable this, set AllowHttpRequestIn = true in [Network] for all private services or individual [*Service] sections.
---
 OpenSim/Framework/ServiceAuth/IServiceAuth.cs | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'OpenSim/Framework/ServiceAuth/IServiceAuth.cs')

diff --git a/OpenSim/Framework/ServiceAuth/IServiceAuth.cs b/OpenSim/Framework/ServiceAuth/IServiceAuth.cs
index fdd97b2..adde62f 100644
--- a/OpenSim/Framework/ServiceAuth/IServiceAuth.cs
+++ b/OpenSim/Framework/ServiceAuth/IServiceAuth.cs
@@ -26,6 +26,7 @@
  */
 
 using System;
+using System.Net;
 using System.Collections.Generic;
 using System.Collections.Specialized;
 
@@ -36,7 +37,7 @@ namespace OpenSim.Framework.ServiceAuth
     public interface  IServiceAuth
     {
         bool Authenticate(string data);
-        bool Authenticate(NameValueCollection headers, AddHeaderDelegate d);
+        bool Authenticate(NameValueCollection headers, AddHeaderDelegate d, out HttpStatusCode statusCode);
         void AddAuthorization(NameValueCollection headers);
     }
 }
-- 
cgit v1.1