aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorredmatrix <git@macgirvin.com>2016-01-28 17:06:13 -0800
committerredmatrix <git@macgirvin.com>2016-01-28 17:06:13 -0800
commitc214692f661488df30eaf00ca85da94a5ecc1e14 (patch)
treed5d0678970b79e997a46516d71618a724a55b471
parent35a9a468ceeb7b8e8b5ae2f026d3bdd76dff68be (diff)
downloadvolse-hubzilla-c214692f661488df30eaf00ca85da94a5ecc1e14.tar.gz
volse-hubzilla-c214692f661488df30eaf00ca85da94a5ecc1e14.tar.bz2
volse-hubzilla-c214692f661488df30eaf00ca85da94a5ecc1e14.zip
add peer filtering to all .well-known services
-rwxr-xr-xboot.php3
-rw-r--r--mod/_well_known.php16
2 files changed, 18 insertions, 1 deletions
diff --git a/boot.php b/boot.php
index 76baba361..4b49cacb5 100755
--- a/boot.php
+++ b/boot.php
@@ -863,7 +863,7 @@ class App {
&& array_key_exists('baseurl',$this->config['system'])
&& strlen($this->config['system']['baseurl'])) {
$url = $this->config['system']['baseurl'];
-
+ $url = trim($url,'\\/');
return $url;
}
@@ -881,6 +881,7 @@ class App {
&& array_key_exists('baseurl',$this->config['system'])
&& strlen($this->config['system']['baseurl'])) {
$url = $this->config['system']['baseurl'];
+ $url = trim($url,'\\/');
}
$parsed = @parse_url($url);
diff --git a/mod/_well_known.php b/mod/_well_known.php
index 58ed13ece..47cfe1512 100644
--- a/mod/_well_known.php
+++ b/mod/_well_known.php
@@ -7,6 +7,22 @@ function _well_known_init(&$a){
$arr = array('server' => $_SERVER, 'request' => $_REQUEST);
call_hooks('well_known', $arr);
+
+ if(! check_siteallowed($_SERVER['REMOTE_ADDR'])) {
+ logger('well_known: site not allowed. ' . $_SERVER['REMOTE_ADDR']);
+ killme();
+ }
+
+ // from php.net re: REMOTE_HOST:
+ // Note: Your web server must be configured to create this variable. For example in Apache
+ // you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr().
+
+ if(get_config('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) {
+ logger('well_known: site not allowed. ' . $_SERVER['REMOTE_HOST']);
+ killme();
+ }
+
+
switch(argv(1)) {
case 'zot-info':
$a->argc -= 1;