File:  [LON-CAPA] / loncom / lonencurl.pm
Revision 1.5: download - view: text, annotated - select for diffs
Sat Oct 1 03:18:57 2011 UTC (12 years, 5 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, language_hyphenation_merge, language_hyphenation, HEAD, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse
- Bug 5047.
  - Display applets where encrypted URL is in operation, at least for cases
    where there is a single archive file, and code and archive are in
    same directory as html file containing applet, object or embed tag.
- Also allows display of Camtasia files with encrypted URL where there
  are dependencies on .js, .swf and .mp4 files.
- Note: the names of the java class file, java archive file, .swf,
  and .mp4 files is visible, unencrypted in the HTML source for the
  web page containing the applet or the movie.

    1: 
    2: # The LearningOnline Network
    3: # URL translation for encrypted filenames
    4: #
    5: # $Id: lonencurl.pm,v 1.5 2011/10/01 03:18:57 raeburn Exp $
    6: #
    7: # Copyright Michigan State University Board of Trustees
    8: #
    9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
   10: #
   11: # LON-CAPA is free software; you can redistribute it and/or modify
   12: # it under the terms of the GNU General Public License as published by
   13: # the Free Software Foundation; either version 2 of the License, or
   14: # (at your option) any later version.
   15: #
   16: # LON-CAPA is distributed in the hope that it will be useful,
   17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   19: # GNU General Public License for more details.
   20: #
   21: # You should have received a copy of the GNU General Public License
   22: # along with LON-CAPA; if not, write to the Free Software
   23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   24: #
   25: # /home/httpd/html/adm/gpl.txt
   26: #
   27: # http://www.lon-capa.org/
   28: #
   29: 
   30: package Apache::lonencurl;
   31: 
   32: use strict;
   33: use Apache::Constants qw(:common :remotehost);
   34: use Apache::lonnet;
   35: use Apache::lonenc;
   36: use GDBM_File;
   37: 
   38: sub handler {
   39:     my $r = shift;
   40: 
   41:     $env{'request.enc'}=1;
   42: 
   43:     my $handle = &Apache::lonnet::check_for_valid_session($r);
   44:     if ($handle ne '') {
   45: # Initialize Environment
   46: 	my $lonidsdir=$r->dir_config('lonIDsDir');
   47: 	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
   48: # Decrypt URL, if appropriate, and redirect
   49:         my $redirect;
   50:         my ($decrypted,$encnum,$remainder) = &checkdecryption($r->uri);
   51:         if (($encnum ne '') && ($remainder ne '')) {
   52:             my $referrer = $r->headers_in->{'Referer'} || '';
   53:             my $host = $r->headers_in->{'Host'};
   54:             my $decryptreferrer;
   55:             if ($referrer =~ m{^https?://\Q$host\E(/enc/\Q$encnum\E/[^?]+)}) {
   56:                 ($decryptreferrer) = &checkdecryption($1);
   57:             }
   58:             if ($decryptreferrer eq '') {
   59:                 if ($env{'request.course.fn'} ne '') {
   60:                     my %symbhash;
   61:                     if (tie(%symbhash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
   62:                         &GDBM_READER(),0640)) {
   63:                         my $lastsymb=$symbhash{'last_known'};
   64:                         untie(%symbhash);
   65:                         (undef,undef,$decryptreferrer)=&Apache::lonnet::decode_symb($lastsymb);
   66:                         $decryptreferrer = &Apache::lonnet::clutter($decryptreferrer);
   67:                     }
   68:                 }
   69:             }
   70:             if ($decryptreferrer ne '') {
   71:                 my ($referrerpath) = ($decryptreferrer =~ m{^(.+/)[^/]+$});
   72:                 if (($env{'httpref.'.$referrerpath.$remainder} eq $decryptreferrer) ||
   73:                     ($env{'httpref.'.$referrerpath.'*'} eq $decryptreferrer) ||
   74:                     ($env{'httpref.'.$referrerpath} eq $decryptreferrer)) {
   75:                    $redirect=$referrerpath.$remainder;
   76:                 }
   77:             }
   78:         }
   79:         if ($redirect eq '') {
   80:             $redirect=&Apache::lonenc::unencrypted($r->uri);
   81:         }
   82: 	if ($r->args) { $redirect.='?'.$r->args; }
   83: 	$r->internal_redirect($redirect);
   84: 	return OK;
   85:     }
   86:     return FORBIDDEN;
   87: }
   88: 
   89: sub checkdecryption {
   90:     my ($uri) = @_;
   91:     my ($encnum,$encname,$rest) = ($uri =~ m{^/enc/(\d+)/([^.]+)(.*)$});
   92:     my $enclength = length($encname);
   93:     my $rem = $enclength%16;
   94:     if (($encname =~ /[^a-f0-9]/) || ($rem != 0) || ($enclength < 16)) {
   95:         return ('',$encnum,$encname.$rest);
   96:     } else {
   97:         return (&Apache::lonenc::unencrypted($uri));
   98:     }
   99: }
  100: 
  101: 1;
  102: __END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>