|
version 1.1075.2.132, 2019/07/19 13:19:50
|
version 1.1075.2.136, 2019/08/04 01:02:40
|
|
Line 71 use Apache::lonuserutils();
|
Line 71 use Apache::lonuserutils();
|
| use Apache::lonuserstate(); |
use Apache::lonuserstate(); |
| use Apache::courseclassifier(); |
use Apache::courseclassifier(); |
| use LONCAPA qw(:DEFAULT :match); |
use LONCAPA qw(:DEFAULT :match); |
| |
use HTTP::Request; |
| use DateTime::TimeZone; |
use DateTime::TimeZone; |
| use DateTime::Locale; |
use DateTime::Locale; |
| use Encode(); |
use Encode(); |
|
Line 1403 sub help_menu_js {
|
Line 1404 sub help_menu_js {
|
| &Apache::loncommon::start_page('Help Menu', undef, |
&Apache::loncommon::start_page('Help Menu', undef, |
| {'frameset' => 1, |
{'frameset' => 1, |
| 'js_ready' => 1, |
'js_ready' => 1, |
| 'use_absolute' => $httphost, |
'use_absolute' => $httphost, |
| 'add_entries' => { |
'add_entries' => { |
| 'border' => '0', |
'border' => '0', |
| 'rows' => "110,*",},}); |
'rows' => "110,*",},}); |
|
Line 5394 Inputs:
|
Line 5395 Inputs:
|
| |
|
| =item * $args, optional argument valid values are |
=item * $args, optional argument valid values are |
| no_auto_mt_title -> prevents &mt()ing the title arg |
no_auto_mt_title -> prevents &mt()ing the title arg |
| |
use_absolute -> for external resource or syllabus, this will |
| |
contain https://<hostname> if server uses |
| |
https (as per hosts.tab), but request is for http |
| |
hostname -> hostname, from $r->hostname(). |
| |
|
| =item * $advtoolsref, optional argument, ref to an array containing |
=item * $advtoolsref, optional argument, ref to an array containing |
| inlineremote items to be added in "Functions" menu below |
inlineremote items to be added in "Functions" menu below |
|
Line 5419 sub bodytag {
|
Line 5424 sub bodytag {
|
| } |
} |
| if (!$args->{'no_auto_mt_title'}) { $title = &mt($title); } |
if (!$args->{'no_auto_mt_title'}) { $title = &mt($title); } |
| my $httphost = $args->{'use_absolute'}; |
my $httphost = $args->{'use_absolute'}; |
| |
my $hostname = $args->{'hostname'}; |
| |
|
| $function = &get_users_function() if (!$function); |
$function = &get_users_function() if (!$function); |
| my $img = &designparm($function.'.img',$domain); |
my $img = &designparm($function.'.img',$domain); |
|
Line 5507 sub bodytag {
|
Line 5513 sub bodytag {
|
| &Apache::lonmenu::prepare_functions($env{'request.noversionuri'}, |
&Apache::lonmenu::prepare_functions($env{'request.noversionuri'}, |
| $forcereg,$args->{'group'}, |
$forcereg,$args->{'group'}, |
| $args->{'bread_crumbs'}, |
$args->{'bread_crumbs'}, |
| $advtoolsref,'',\$forbodytag); |
$advtoolsref,'','',\$forbodytag); |
| unless (ref($args->{'bread_crumbs'}) eq 'ARRAY') { |
unless (ref($args->{'bread_crumbs'}) eq 'ARRAY') { |
| $funclist = $forbodytag; |
$funclist = $forbodytag; |
| } |
} |
|
Line 5553 sub bodytag {
|
Line 5559 sub bodytag {
|
| $bodytag .= Apache::lonhtmlcommon::scripttag('', 'end'); |
$bodytag .= Apache::lonhtmlcommon::scripttag('', 'end'); |
| if ($env{'request.state'} eq 'construct') { |
if ($env{'request.state'} eq 'construct') { |
| $bodytag .= &Apache::lonmenu::innerregister($forcereg, |
$bodytag .= &Apache::lonmenu::innerregister($forcereg, |
| $args->{'bread_crumbs'}); |
$args->{'bread_crumbs'},'','',$hostname); |
| } elsif ($forcereg) { |
} elsif ($forcereg) { |
| $bodytag .= &Apache::lonmenu::innerregister($forcereg,undef, |
$bodytag .= &Apache::lonmenu::innerregister($forcereg,undef, |
| $args->{'group'}, |
$args->{'group'}, |
| $args->{'hide_buttons'}); |
$args->{'hide_buttons', |
| |
$hostname}); |
| } else { |
} else { |
| my $forbodytag; |
my $forbodytag; |
| &Apache::lonmenu::prepare_functions($env{'request.noversionuri'}, |
&Apache::lonmenu::prepare_functions($env{'request.noversionuri'}, |
| $forcereg,$args->{'group'}, |
$forcereg,$args->{'group'}, |
| $args->{'bread_crumbs'}, |
$args->{'bread_crumbs'}, |
| $advtoolsref,'',\$forbodytag); |
$advtoolsref,'',$hostname, |
| |
\$forbodytag); |
| unless (ref($args->{'bread_crumbs'}) eq 'ARRAY') { |
unless (ref($args->{'bread_crumbs'}) eq 'ARRAY') { |
| $bodytag .= $forbodytag; |
$bodytag .= $forbodytag; |
| } |
} |
|
Line 6077 td.LC_menubuttons_text {
|
Line 6085 td.LC_menubuttons_text {
|
| background: $tabbg; |
background: $tabbg; |
| } |
} |
| |
|
| |
td.LC_zero_height { |
| |
line-height: 0; |
| |
cellpadding: 0; |
| |
} |
| |
|
| table.LC_data_table { |
table.LC_data_table { |
| border: 1px solid #000000; |
border: 1px solid #000000; |
| border-collapse: separate; |
border-collapse: separate; |
|
Line 6749 table.LC_data_table tr > td.LC_docs_entr
|
Line 6762 table.LC_data_table tr > td.LC_docs_entr
|
| color: #990000; |
color: #990000; |
| } |
} |
| |
|
| |
.LC_domprefs_email, |
| .LC_docs_reinit_warn, |
.LC_docs_reinit_warn, |
| .LC_docs_ext_edit { |
.LC_docs_ext_edit { |
| font-size: x-small; |
font-size: x-small; |
|
Line 8089 $args - additional optional args support
|
Line 8103 $args - additional optional args support
|
| to lonhtmlcommon::breadcrumbs |
to lonhtmlcommon::breadcrumbs |
| group -> includes the current group, if page is for a |
group -> includes the current group, if page is for a |
| specific group |
specific group |
| |
use_absolute -> for request for external resource or syllabus, this |
| |
will contain https://<hostname> if server uses |
| |
https (as per hosts.tab), but request is for http |
| |
hostname -> hostname, originally from $r->hostname(), (optional). |
| |
|
| =back |
=back |
| |
|
|
Line 15501 sub init_user_environment {
|
Line 15519 sub init_user_environment {
|
| opendir(DIR,$lonids); |
opendir(DIR,$lonids); |
| while ($filename=readdir(DIR)) { |
while ($filename=readdir(DIR)) { |
| if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) { |
if ($filename=~/^$username\_\d+\_$domain\_$authhost\.id$/) { |
| unlink($lonids.'/'.$filename); |
if (tie(my %oldenv,'GDBM_File',"$lonids/$filename", |
| |
&GDBM_READER(),0640)) { |
| |
my $linkedfile; |
| |
if (exists($oldenv{'user.linkedenv'})) { |
| |
$linkedfile = $oldenv{'user.linkedenv'}; |
| |
} |
| |
untie(%oldenv); |
| |
if (unlink("$lonids/$filename")) { |
| |
if ($linkedfile =~ /^[a-f0-9]+_linked$/) { |
| |
if (-l "$lonids/$linkedfile.id") { |
| |
unlink("$lonids/$linkedfile.id"); |
| |
} |
| |
} |
| |
} |
| |
} else { |
| |
unlink($lonids.'/'.$filename); |
| |
} |
| } |
} |
| } |
} |
| closedir(DIR); |
closedir(DIR); |
|
Line 16934 sub des_decrypt {
|
Line 16968 sub des_decrypt {
|
| return $plaintext; |
return $plaintext; |
| } |
} |
| |
|
| |
sub is_nonframeable { |
| |
my ($url,$absolute,$hostname,$ip,$nocache) = @_; |
| |
my ($remprotocol,$remhost) = ($url =~ m{^(https?)\://(([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,})}i); |
| |
return if (($remprotocol eq '') || ($remhost eq '')); |
| |
|
| |
$remprotocol = lc($remprotocol); |
| |
$remhost = lc($remhost); |
| |
my $remport = 80; |
| |
if ($remprotocol eq 'https') { |
| |
$remport = 443; |
| |
} |
| |
my ($result,$cached) = &Apache::lonnet::is_cached_new('noiframe',$remhost.':'.$remport); |
| |
if ($cached) { |
| |
unless ($nocache) { |
| |
if ($result) { |
| |
return 1; |
| |
} else { |
| |
return 0; |
| |
} |
| |
} |
| |
} |
| |
my $uselink; |
| |
my $request = new HTTP::Request('HEAD',$url); |
| |
my $response = &LONCAPA::LWPReq::makerequest('',$request,'','',5); |
| |
if ($response->is_success()) { |
| |
my $secpolicy = lc($response->header('content-security-policy')); |
| |
my $xframeop = lc($response->header('x-frame-options')); |
| |
$secpolicy =~ s/^\s+|\s+$//g; |
| |
$xframeop =~ s/^\s+|\s+$//g; |
| |
if (($secpolicy ne '') || ($xframeop ne '')) { |
| |
my $remotehost = $remprotocol.'://'.$remhost; |
| |
my ($origin,$protocol,$port); |
| |
if ($ENV{'SERVER_PORT'} =~/^\d+$/) { |
| |
$port = $ENV{'SERVER_PORT'}; |
| |
} else { |
| |
$port = 80; |
| |
} |
| |
if ($absolute eq '') { |
| |
$protocol = 'http:'; |
| |
if ($port == 443) { |
| |
$protocol = 'https:'; |
| |
} |
| |
$origin = $protocol.'//'.lc($hostname); |
| |
} else { |
| |
$origin = lc($absolute); |
| |
($protocol,$hostname) = ($absolute =~ m{^(https?:)//([^/]+)$}); |
| |
} |
| |
if (($secpolicy) && ($secpolicy =~ /\Qframe-ancestors\E([^;]*)(;|$)/)) { |
| |
my $framepolicy = $1; |
| |
$framepolicy =~ s/^\s+|\s+$//g; |
| |
my @policies = split(/\s+/,$framepolicy); |
| |
if (@policies) { |
| |
if (grep(/^\Q'none'\E$/,@policies)) { |
| |
$uselink = 1; |
| |
} else { |
| |
$uselink = 1; |
| |
if ((grep(/^\Q*\E$/,@policies)) || (grep(/^\Q$protocol\E$/,@policies)) || |
| |
(($origin ne '') && (grep(/^\Q$origin\E$/,@policies))) || |
| |
(($ip ne '') && (grep(/^\Q$ip\E$/,@policies)))) { |
| |
undef($uselink); |
| |
} |
| |
if ($uselink) { |
| |
if (grep(/^\Q'self'\E$/,@policies)) { |
| |
if (($origin ne '') && ($remotehost eq $origin)) { |
| |
undef($uselink); |
| |
} |
| |
} |
| |
} |
| |
if ($uselink) { |
| |
my @possok; |
| |
if ($ip ne '') { |
| |
push(@possok,$ip); |
| |
} |
| |
my $hoststr = ''; |
| |
foreach my $part (reverse(split(/\./,$hostname))) { |
| |
if ($hoststr eq '') { |
| |
$hoststr = $part; |
| |
} else { |
| |
$hoststr = "$part.$hoststr"; |
| |
} |
| |
if ($hoststr eq $hostname) { |
| |
push(@possok,$hostname); |
| |
} else { |
| |
push(@possok,"*.$hoststr"); |
| |
} |
| |
} |
| |
if (@possok) { |
| |
foreach my $poss (@possok) { |
| |
last if (!$uselink); |
| |
foreach my $policy (@policies) { |
| |
if ($policy =~ m{^(\Q$protocol\E//|)\Q$poss\E(\Q:$port\E|)$}) { |
| |
undef($uselink); |
| |
last; |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} elsif ($xframeop ne '') { |
| |
$uselink = 1; |
| |
my @policies = split(/\s*,\s*/,$xframeop); |
| |
if (@policies) { |
| |
unless (grep(/^deny$/,@policies)) { |
| |
if ($origin ne '') { |
| |
if (grep(/^sameorigin$/,@policies)) { |
| |
if ($remotehost eq $origin) { |
| |
undef($uselink); |
| |
} |
| |
} |
| |
if ($uselink) { |
| |
foreach my $policy (@policies) { |
| |
if ($policy =~ /^allow-from\s*(.+)$/) { |
| |
my $allowfrom = $1; |
| |
if (($allowfrom ne '') && ($allowfrom eq $origin)) { |
| |
undef($uselink); |
| |
last; |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
if ($nocache) { |
| |
if ($cached) { |
| |
my $devalidate; |
| |
if ($uselink && !$result) { |
| |
$devalidate = 1; |
| |
} elsif (!$uselink && $result) { |
| |
$devalidate = 1; |
| |
} |
| |
if ($devalidate) { |
| |
&Apache::lonnet::devalidate_cache_new('noiframe',$remhost.':'.$remport); |
| |
} |
| |
} |
| |
} else { |
| |
if ($uselink) { |
| |
$result = 1; |
| |
} else { |
| |
$result = 0; |
| |
} |
| |
&Apache::lonnet::do_cache_new('noiframe',$remhost.':'.$remport,$result,3600); |
| |
} |
| |
return $uselink; |
| |
} |
| |
|
| 1; |
1; |
| __END__; |
__END__; |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to loncommon.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / interface