authorDerrell Lipman <derrell@samba.org>2007-01-05 19:29:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:36:56 -0500
commit102e4840b3bc11cc84a0ecb784190e7501277ac4 (patch)
tree7070fddf213250f48f4ad0b905deb099f5e4c3f5 /services
parent8f0a0ebcb380acf57d418a6598c75e42b0bf24dc (diff)
r20559: Web Application Framework
- Disallow, for now, any ScriptTransport access. A serious security issue has been described, and since we don't currently need it for anything, disable it completely. - Continued clean-up towards implementing the common authentication code (This used to be commit 07817a5489dd8cc6c85c10116f4dba43d798ef03)
Diffstat (limited to 'services')
-rw-r--r--services/json_auth.esp8
-rw-r--r--services/request.esp15
2 files changed, 20 insertions, 3 deletions
diff --git a/services/json_auth.esp b/services/json_auth.esp
index 2d58b6e2af..0fdd98037d 100644
--- a/services/json_auth.esp
+++ b/services/json_auth.esp
@@ -1,7 +1,13 @@
<%
/* Return true to allow access; false otherwise */
-function json_authenticate(serviceComponents, method)
+function json_authenticate(serviceComponents, method, scriptTransportId)
{
+ // Don't allow any access via ScriptTransport, for now.
+ if (scriptTransportId != jsonrpc.Constant.ScriptTransport.NotInUse)
+ {
+ return false;
+ }
+
return true;
}
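Review bot: The header comment above json_authenticate still says only "Return true to allow access; false otherwise" and does not describe the new scriptTransportId parameter or that the check is meant to fail closed. With the loose `!=`, a call that omits the third argument is presumably refused, which is the safe default, but the same coercion means a request-derived string could compare equal to the constant depending on its type. Where scriptTransportId is assigned is outside this diff, so that should be confirmed. I would extend the comment to something like `/* Return true to allow access; false otherwise. Any scriptTransportId other than jsonrpc.Constant.ScriptTransport.NotInUse, including a missing one, is refused. */`.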
diff --git a/services/request.esp b/services/request.esp
index 1b33b61964..6f7e61e6e4 100644
--- a/services/request.esp
+++ b/services/request.esp
@@ -292,6 +292,8 @@ if (request["REQUEST_METHOD"] == "POST" &&
}
else if (request["REQUEST_METHOD"] == "GET" &&
form["_ScriptTransport_id"] != undefined &&
+ form["_ScriptTransport_id"] !=
+ jsonrpc.Constant.ScriptTransport.NotInUse &&
form["_ScriptTransport_data"] != undefined)
{
/* We have what looks like a valid ScriptTransport request */
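Review bot: A GET carrying a ScriptTransport id still enters this branch and is only refused later, at the json_authenticate call changed in the next hunk of this file. Whatever runs in between (not visible here, presumably handling of `_ScriptTransport_data` and service lookup) therefore still processes cross-site input. Since the commit message says the transport is disabled completely, refusing the request inside this branch would shrink the code exposed to it. The added test also means a GET whose `_ScriptTransport_id` equals NotInUse now falls through to whatever follows this else-if, which is outside the hunk and should be confirmed to reject the request. A short comment on the new condition, such as `/* An id equal to NotInUse is not a ScriptTransport request */`, would record why it is there.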
@@ -455,8 +457,17 @@ if (! valid)
return;
}
-/* Ensure the logged-in user is allowed to issue the requested method */
-if (! json_authenticate(serviceComponents, jsonInput.method))
+/*
+ * Ensure the logged-in user is allowed to issue the requested method. We
+ * provide the scriptTransportId as one of the determining factors because
+ * accepting requests via ScriptTransport is dangerous. Only methods which
+ * one might allow when unauthenticated should be allowed via ScriptTransport
+ * as it is easy for a rogue site to trick a user into bypassing
+ * authentication.
+ */
+if (! json_authenticate(serviceComponents,
+ jsonInput.method,
+ scriptTransportId))
{
error.setError(jsonrpc.Constant.ErrorCode.PermissionDenied,
"Permission denied");
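Review bot: The new comment describes a per-method policy, but json_authenticate as changed in services/json_auth.esp in this same commit refuses every ScriptTransport request regardless of method, so the comment and the behaviour differ. I would add a closing line such as `* For now json_authenticate() refuses all ScriptTransport requests.` so that a maintainer who later relaxes the check knows an explicit list of methods safe for unauthenticated callers is needed first. The comment also says "logged-in user", yet the call passes only serviceComponents, the method name and scriptTransportId; if session state is consulted elsewhere, that is outside this hunk. The body of the if continues past the end of the hunk.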