|
version 1.529, 2016/09/24 15:35:25
|
version 1.531, 2017/02/07 18:14:13
|
|
Line 1572 sub du2_handler {
|
Line 1572 sub du2_handler {
|
| # If the requested path contains /../ or is: |
# If the requested path contains /../ or is: |
| # |
# |
| # 1. for a directory, and the path does not begin with one of: |
# 1. for a directory, and the path does not begin with one of: |
| # (a) /home/httpd/html/res/<domain>/ |
# (a) /home/httpd/html/res/<domain> |
| # (b) /home/httpd/html/res/userfiles/ |
# (b) /home/httpd/html/res/userfiles/ |
| # (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles |
# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles |
| # or is: |
# or is: |
|
Line 1609 sub ls_handler {
|
Line 1609 sub ls_handler {
|
| } |
} |
| if (-e $ulsdir) { |
if (-e $ulsdir) { |
| if(-d $ulsdir) { |
if(-d $ulsdir) { |
| unless (($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain|userfiles)/}) || |
unless (($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain|userfiles/)}) || |
| ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/})) { |
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/})) { |
| &Failure($client,"refused\n",$userinput); |
&Failure($client,"refused\n",$userinput); |
| return 1; |
return 1; |
|
Line 1669 sub ls_handler {
|
Line 1669 sub ls_handler {
|
| # If the requested path contains /../ or is: |
# If the requested path contains /../ or is: |
| # |
# |
| # 1. for a directory, and the path does not begin with one of: |
# 1. for a directory, and the path does not begin with one of: |
| # (a) /home/httpd/html/res/<domain>/ |
# (a) /home/httpd/html/res/<domain> |
| # (b) /home/httpd/html/res/userfiles/ |
# (b) /home/httpd/html/res/userfiles/ |
| # (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles |
# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles |
| # or is: |
# or is: |
|
Line 1705 sub ls2_handler {
|
Line 1705 sub ls2_handler {
|
| } |
} |
| if (-e $ulsdir) { |
if (-e $ulsdir) { |
| if(-d $ulsdir) { |
if(-d $ulsdir) { |
| unless (($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain|userfiles)/}) || |
unless (($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain|userfiles/)}) || |
| ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/})) { |
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/})) { |
| &Failure($client,"refused\n","$userinput"); |
&Failure($client,"refused\n","$userinput"); |
| return 1; |
return 1; |
|
Line 1758 sub ls2_handler {
|
Line 1758 sub ls2_handler {
|
| # If the requested path (after prepending) contains /../ or is: |
# If the requested path (after prepending) contains /../ or is: |
| # |
# |
| # 1. for a directory, and the path does not begin with one of: |
# 1. for a directory, and the path does not begin with one of: |
| # (a) /home/httpd/html/res/<domain>/ |
# (a) /home/httpd/html/res/<domain> |
| # (b) /home/httpd/html/res/userfiles/ |
# (b) /home/httpd/html/res/userfiles/ |
| # (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles |
# (c) /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/userfiles |
| # (d) /home/httpd/html/priv/<domain>/ and client is the homeserver |
# (d) /home/httpd/html/priv/<domain>/ and client is the homeserver |
| # |
# |
| # or is: |
# or is: |
| # |
# |
| # 2. for a file, and the path (after prepending) does not begin with: |
# 2. for a file, and the path (after prepending) does not begin with: |
| # /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/ |
# /home/httpd/lonUsers/<domain>/<1>/<2>/<3>/<username>/ |
|
Line 1843 sub ls3_handler {
|
Line 1843 sub ls3_handler {
|
| if (-e $ulsdir) { |
if (-e $ulsdir) { |
| if(-d $ulsdir) { |
if(-d $ulsdir) { |
| unless (($getpropath) || ($getuserdir) || |
unless (($getpropath) || ($getuserdir) || |
| ($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain|userfiles)/}) || |
($ulsdir =~ m{/home/httpd/html/(res/$LONCAPA::match_domain|userfiles/)}) || |
| ($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/}) || |
($ulsdir =~ m{/home/httpd/lonUsers/$LONCAPA::match_domain(?:/[\w\-.@]){3}/$LONCAPA::match_username/userfiles/}) || |
| (($ulsdir =~ m{/home/httpd/html/priv/$LONCAPA::match_domain/}) && ($islocal))) { |
(($ulsdir =~ m{/home/httpd/html/priv/$LONCAPA::match_domain/}) && ($islocal))) { |
| &Failure($client,"refused\n",$userinput); |
&Failure($client,"refused\n",$userinput); |
|
Line 1901 sub read_lonnet_global {
|
Line 1901 sub read_lonnet_global {
|
| ); |
); |
| my %limit_to = ( |
my %limit_to = ( |
| perlvar => { |
perlvar => { |
| lonOtherAuthen => 1, |
lonOtherAuthen => 1, |
| lonBalancer => 1, |
lonBalancer => 1, |
| lonVersion => 1, |
lonVersion => 1, |
| lonSysEMail => 1, |
lonAdmEMail => 1, |
| lonHostID => 1, |
lonSupportEMail => 1, |
| lonRole => 1, |
lonSysEMail => 1, |
| lonDefDomain => 1, |
lonHostID => 1, |
| lonLoadLim => 1, |
lonRole => 1, |
| lonUserLoadLim => 1, |
lonDefDomain => 1, |
| |
lonLoadLim => 1, |
| |
lonUserLoadLim => 1, |
| } |
} |
| ); |
); |
| if (ref($requested) eq 'HASH') { |
if (ref($requested) eq 'HASH') { |
![[BACK]](/icons/back.gif){kind=icon}
Return to lond CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom