diff options
| author | redmatrix <git@macgirvin.com> | 2016-04-05 21:20:23 -0700 |
|---|---|---|
| committer | redmatrix <git@macgirvin.com> | 2016-04-05 21:20:23 -0700 |
| commit | 10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a (patch) | |
| tree | 22a73f6722e18fc792a145aed37106f1e8787844 /mod | |
| parent | 9fd8634b62a728e3e6047319548e5029a3d89275 (diff) | |
| download | volse-hubzilla-10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a.tar.gz volse-hubzilla-10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a.tar.bz2 volse-hubzilla-10f1e2d51b25c8c770419317a7d5ca78ce0ccd6a.zip | |
add some doco to getfile module
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/getfile.php | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/mod/getfile.php b/mod/getfile.php index 8a8fa6465..16392f8dd 100644 --- a/mod/getfile.php +++ b/mod/getfile.php @@ -1,5 +1,25 @@ <?php +/** + * module: getfile + * + * used for synchronising files and photos across clones + * + * The site initiating the file operation will send a sync packet to known clones. + * They will respond by building the DB structures they require, then will provide a + * post request to this site to grab the file data. This is sent as a stream direct to + * disk at the other end, avoiding memory issues. + * + * Since magic-auth cannot easily be used by the CURL process at the other end, + * we will require a signed request which includes a timestamp. This should not be + * used without SSL and is potentially vulnerable to replay if an attacker decrypts + * the SSL traffic fast enough. The amount of time slop is configurable but defaults + * to 3 minutes. + * + */ + + + require_once('include/Contact.php'); function getfile_post(&$a) { |