[Fusionforge-commits] r8622 - trunk/gforge/www/docman

Alain Peyrat aljeux at libremir.placard.fr.eu.org
Tue Dec 22 21:02:53 CET 2009


Author: aljeux
Date: 2009-12-22 21:02:52 +0100 (Tue, 22 Dec 2009)
New Revision: 8622

Modified:
   trunk/gforge/www/docman/view.php
Log:
Docman: Protect served documents to avoid loops when some html documents with links inside are uploaded

Modified: trunk/gforge/www/docman/view.php
===================================================================
--- trunk/gforge/www/docman/view.php	2009-12-22 20:02:47 UTC (rev 8621)
+++ trunk/gforge/www/docman/view.php	2009-12-22 20:02:52 UTC (rev 8622)
@@ -26,6 +26,7 @@
 $arr=explode('/',getStringFromServer('REQUEST_URI'));
 $group_id=$arr[3];
 $docid=$arr[4];
+$docname=urldecode($arr[5]);
 
 if ($docid) {
 
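Review bot: `$arr[5]` is read unconditionally on the added line, so a request URI with fewer than six path segments raises an undefined-offset notice and `$docname` silently becomes an empty string; guard it, `$docname = isset($arr[5]) ? urldecode($arr[5]) : '';`. The segment comes straight from REQUEST_URI, so any query string on the request would presumably stay attached to the name and make the later filename comparison fail; if that matters, strip it before decoding.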
@@ -46,9 +47,29 @@
 		exit_error('Error',$d->getErrorMessage());
 	}
 
+	/** 
+	 * If the served document has wrong relative links, then
+	 * theses links may redirect to the same document with another
+	 * name, this way a search engine may loop and stress the
+	 * server.
+	 *
+	 * A workaround is to serve only the document if the given
+	 * name is correct.
+	 */
+	if ($d->getFileName() != $docname) {
+		exit_error(_('No document data'),
+			   _('No document to display - invalid or inactive document number'));
+
+	}
+
 	Header ('Content-disposition: filename="'.str_replace('"', '', $d->getFileName()).'"');
-	Header ("Content-type: ".$d->getFileType());
 
+	if (strstr($d->getFileType(),'app')) {
+		Header ("Content-type: application/binary");
+	} else {
+		Header ("Content-type: ".$d->getFileType());
+	}
+
 	echo $d->getFileData();
 
 } else {
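Review bot: The new name check on the `if ($d->getFileName() != $docname)` line uses PHP's loose comparison, which compares two numeric-looking strings as numbers, so a document named `1e3` would also be served under the name `1000`; since both sides are strings, use `if ($d->getFileName() !== $docname) {` or `strcmp(...) !== 0`. The `strstr(..., 'app')` branch emits `application/binary`, which is not a registered media type; `application/octet-stream` is the standard opaque type and is what clients reliably treat as a download. The else branch still sends a document whose stored type is `text/html` with an inline Content-disposition, so such an uploaded document renders in the forge's own origin; if that is not intended, `Content-disposition: attachment; filename=...` or an `X-Content-Type-Options: nosniff` header would contain it. The enclosing `if ($docid)` block opens in the previous hunk and its else branch continues past the end of this one.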



