HelloZeroNet/ZeroNet
1
0
Fork 0
mirror of https://github.com/HelloZeroNet/ZeroNet.git synced 2023-12-14 04:33:03 +01:00
Code Issues Projects Releases Wiki Activity

Filter media referrer by original request address

Browse source
This commit is contained in:
ZeroNet 2016-08-10 12:24:47 +02:00
parent 04bed98a97
commit 835381fbb1
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/Ui/UiRequest.py
View file

@ -327,7 +327,8 @@ class UiRequest(object):
referer = self.env.get("HTTP_REFERER")
if referer and path_parts: # Only allow same site to receive media
if not self.isMediaRequestAllowed(path_parts["address"], referer):
if not self.isMediaRequestAllowed(path_parts["request_address"], referer):
self.log.error("Media referrer error: %s not allowed from %s" % (path_parts["address"], referer))
return self.error403("Media referrer error") # Referrer not starts same address as requested path
if path_parts: # Looks like a valid path