From fffce48503e09a21f9c5846a0fc378e6180e50f3 Mon Sep 17 00:00:00 2001 From: rich Date: Mon, 1 Nov 2004 16:24:32 +0000 Subject: [PATCH] Less restrictive anti-bandwidth-theft code. Fixes a problem where this code would trigger on the restore image/file pages. --- scripts/file.ml | 10 ++++------ scripts/image.ml | 10 ++++------ 2 files changed, 8 insertions(+), 12 deletions(-) diff --git a/scripts/file.ml b/scripts/file.ml index 28685df..4345b11 100644 --- a/scripts/file.ml +++ b/scripts/file.ml @@ -1,7 +1,7 @@ (* COCANWIKI - a wiki written in Objective CAML. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: file.ml,v 1.11 2004/10/24 11:34:37 rich Exp $ + * $Id: file.ml,v 1.12 2004/11/01 16:24:32 rich Exp $ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,7 +28,7 @@ open ExtString open Cocanwiki -let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ = +let run r (q : cgi) (dbh : Dbi.connection) hostid {hostname = hostname} _ = let name = q#param "name" in let version = try Some (int_of_string (q#param "version")) with Not_found -> None in @@ -56,14 +56,12 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ = with Not_found -> raise (HttpError cHTTP_NOT_FOUND) in - (* If deleted, refuse to serve this file except if called from the - * deleted files page. - *) + (* If deleted, refuse to serve this file except if called from the site. *) if deleted then ( let referer = try Table.get (Request.headers_in r) "Referer" with Not_found -> "" in let ok = - try String.find referer "/_files?deleted"; true + try String.find referer hostname; true with String.Invalid_string -> false in if not ok then ( diff --git a/scripts/image.ml b/scripts/image.ml index 90d0a5a..cad2ceb 100644 --- a/scripts/image.ml +++ b/scripts/image.ml @@ -1,7 +1,7 @@ (* COCANWIKI - a wiki written in Objective CAML. * Written by Richard W.M. Jones . * Copyright (C) 2004 Merjis Ltd. - * $Id: image.ml,v 1.12 2004/10/28 14:51:03 rich Exp $ + * $Id: image.ml,v 1.13 2004/11/01 16:24:32 rich Exp $ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,7 +28,7 @@ open ExtString open Cocanwiki -let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ = +let run r (q : cgi) (dbh : Dbi.connection) hostid {hostname = hostname} _ = let image = q#param "image" in let is_thumbnail = q#param_true "thumbnail" in let version = @@ -58,14 +58,12 @@ let run r (q : cgi) (dbh : Dbi.connection) hostid _ _ = with Not_found -> raise (HttpError cHTTP_NOT_FOUND) in - (* If deleted, refuse to serve this image except if called from the - * deleted images page. - *) + (* If deleted, refuse to serve this image except if shown on the site. *) if deleted then ( let referer = try Table.get (Request.headers_in r) "Referer" with Not_found -> "" in let ok = - try String.find referer "/_images?deleted"; true + try String.find referer hostname; true with String.Invalid_string -> false in if not ok then ( -- 1.8.3.1