Less restrictive anti-bandwidth-theft code. Fixes a problem

where this code would trigger on the restore image/file pages.

diff --git a/scripts/file.ml b/scripts/file.ml
index 28685df..4345b11 100644 (file)
--- a/scripts/file.ml
+++ b/scripts/file.ml
@@ -1,7 +1,7 @@
 (* COCANWIKI - a wiki written in Objective CAML.
  * Written by Richard W.M. Jones <rich@merjis.com>.
  * Copyright (C) 2004 Merjis Ltd.
- * $Id: file.ml,v 1.11 2004/10/24 11:34:37 rich Exp $
+ * $Id: file.ml,v 1.12 2004/11/01 16:24:32 rich Exp $
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -28,7 +28,7 @@ open ExtString
 
 open Cocanwiki
 
-let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
+let run r (q : cgi) (dbh : Dbi.connection) hostid {hostname = hostname} _ =
   let name = q#param "name" in
   let version =
     try Some (int_of_string (q#param "version")) with Not_found -> None in
@@ -56,14 +56,12 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
     with
        Not_found -> raise (HttpError cHTTP_NOT_FOUND) in
 
-  (* If deleted, refuse to serve this file except if called from the
-   * deleted files page.
-   *)
+  (* If deleted, refuse to serve this file except if called from the site. *)
   if deleted then (
     let referer =
       try Table.get (Request.headers_in r) "Referer" with Not_found -> "" in
     let ok =
-      try String.find referer "/_files?deleted"; true
+      try String.find referer hostname; true
       with String.Invalid_string -> false in
 
     if not ok then (

diff --git a/scripts/image.ml b/scripts/image.ml
index 90d0a5a..cad2ceb 100644 (file)
--- a/scripts/image.ml
+++ b/scripts/image.ml
@@ -1,7 +1,7 @@
 (* COCANWIKI - a wiki written in Objective CAML.
  * Written by Richard W.M. Jones <rich@merjis.com>.
  * Copyright (C) 2004 Merjis Ltd.
- * $Id: image.ml,v 1.12 2004/10/28 14:51:03 rich Exp $
+ * $Id: image.ml,v 1.13 2004/11/01 16:24:32 rich Exp $
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -28,7 +28,7 @@ open ExtString
 
 open Cocanwiki
 
-let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
+let run r (q : cgi) (dbh : Dbi.connection) hostid {hostname = hostname} _ =
   let image = q#param "image" in
   let is_thumbnail = q#param_true "thumbnail" in
   let version =
@@ -58,14 +58,12 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ =
     with
        Not_found -> raise (HttpError cHTTP_NOT_FOUND) in
 
-  (* If deleted, refuse to serve this image except if called from the
-   * deleted images page.
-   *)
+  (* If deleted, refuse to serve this image except if shown on the site. *)
   if deleted then (
     let referer =
       try Table.get (Request.headers_in r) "Referer" with Not_found -> "" in
     let ok =
-      try String.find referer "/_images?deleted"; true
+      try String.find referer hostname; true
       with String.Invalid_string -> false in
 
     if not ok then (