File:
[LON-CAPA] /
loncom /
lonencurl.pm
Revision
1.7:
download - view:
text,
annotated -
select for diffs
Wed Mar 4 16:33:35 2020 UTC (4 years, 6 months ago) by
raeburn
Branches:
MAIN
CVS tags:
version_2_12_X,
version_2_11_X,
version_2_11_5_msu,
version_2_11_5,
version_2_11_4_uiuc,
version_2_11_4_msu,
version_2_11_4,
version_2_11_3_uiuc,
version_2_11_3_msu,
version_2_11_3,
HEAD
- External resource(s) in a composite page.
- Support external resource with anchor
- Support display where encrypted URL parameter is set for resource.
- Display as link, not iframe, on (a) mobile devices, (b) if resource's
server has Content-Security-Policy or X-Frame-Options set to prevent
iframe use, or (c) URL is http, but LON-CAPA page is served https.
1:
2: # The LearningOnline Network
3: # URL translation for encrypted filenames
4: #
5: # $Id: lonencurl.pm,v 1.7 2020/03/04 16:33:35 raeburn Exp $
6: #
7: # Copyright Michigan State University Board of Trustees
8: #
9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
10: #
11: # LON-CAPA is free software; you can redistribute it and/or modify
12: # it under the terms of the GNU General Public License as published by
13: # the Free Software Foundation; either version 2 of the License, or
14: # (at your option) any later version.
15: #
16: # LON-CAPA is distributed in the hope that it will be useful,
17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19: # GNU General Public License for more details.
20: #
21: # You should have received a copy of the GNU General Public License
22: # along with LON-CAPA; if not, write to the Free Software
23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24: #
25: # /home/httpd/html/adm/gpl.txt
26: #
27: # http://www.lon-capa.org/
28: #
29:
30: package Apache::lonencurl;
31:
32: use strict;
33: use Apache::Constants qw(:common :remotehost);
34: use Apache::lonnet;
35: use Apache::lonenc;
36: use GDBM_File;
37:
38: sub handler {
39: my $r = shift;
40:
41: $env{'request.enc'}=1;
42:
43: my $handle = &Apache::lonnet::check_for_valid_session($r);
44: if ($handle ne '') {
45: # Initialize Environment
46: my $lonidsdir=$r->dir_config('lonIDsDir');
47: &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
48: # Decrypt URL, if appropriate, and redirect
49: my $redirect;
50: my ($decrypted,$encnum,$remainder) = &checkdecryption($r->uri);
51: if (($encnum ne '') && ($remainder ne '')) {
52: my $referrer = $r->headers_in->{'Referer'} || '';
53: my $host = $r->headers_in->{'Host'};
54: my $decryptreferrer;
55: if ($referrer =~ m{^https?://\Q$host\E(/enc/\Q$encnum\E/[^?]+)}) {
56: ($decryptreferrer) = &checkdecryption($1);
57: }
58: if ($decryptreferrer eq '') {
59: if ($env{'request.course.fn'} ne '') {
60: my %symbhash;
61: if (tie(%symbhash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
62: &GDBM_READER(),0640)) {
63: my $lastsymb=$symbhash{'last_known'};
64: untie(%symbhash);
65: (undef,undef,$decryptreferrer)=&Apache::lonnet::decode_symb($lastsymb);
66: $decryptreferrer = &Apache::lonnet::clutter($decryptreferrer);
67: }
68: }
69: }
70: if ($decryptreferrer ne '') {
71: my ($referrerpath) = ($decryptreferrer =~ m{^(.+/)[^/]+$});
72: if (($env{'httpref.'.$referrerpath.$remainder} eq $decryptreferrer) ||
73: ($env{'httpref.'.$referrerpath.'*'} eq $decryptreferrer) ||
74: ($env{'httpref.'.$referrerpath} eq $decryptreferrer)) {
75: $redirect=$referrerpath.$remainder;
76: }
77: }
78: }
79: my $anchor;
80: if ($redirect eq '') {
81: $redirect=&Apache::lonenc::unencrypted($r->uri);
82: if ($redirect =~ m{^/adm/wrapper/ext/[^\#]+(\#.+)$}) {
83: $anchor = $1;
84: $redirect =~ s/\#.+$//;
85: } elsif (($redirect =~ m{^https?://}) && ($r->args)) {
86: my $symb;
87: foreach my $item (split(/\&/,$r->args)) {
88: my ($key,$value) = split(/=/,$item);
89: if ($key eq 'symb') {
90: $symb = &Apache::lonenc::unencrypted($value);
91: last;
92: }
93: }
94: if ($symb) {
95: my ($map,$id,$res) = &Apache::lonnet::decode_symb($symb);
96: if (($map =~ /\.page$/) && ($res =~ m{^ext/})) {
97: if ($res =~ /(\#[^#]+)$/) {
98: $anchor = $1;
99: }
100: $r->headers_out->set(Location => $redirect.$anchor);
101: return REDIRECT;
102: }
103: }
104: }
105: }
106: if ($r->args) { $redirect.='?'.$r->args; }
107: $r->internal_redirect($redirect.$anchor);
108: return OK;
109: }
110: return FORBIDDEN;
111: }
112:
113: sub checkdecryption {
114: my ($uri) = @_;
115: my ($encnum,$encname,$rest) = ($uri =~ m{^/enc/(\d+)/([^.]+)(.*)$});
116: my $enclength = length($encname);
117: my $rem = $enclength%16;
118: if (($encname =~ /[^a-f0-9]/) || ($rem != 0) || ($enclength < 16)) {
119: return ('',$encnum,$encname.$rest);
120: } else {
121: return (&Apache::lonenc::unencrypted($uri));
122: }
123: }
124:
125: 1;
126: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>