WordPress.org
Get WordPress

Plugin Directory

Changeset 1499441


Ignore:
Timestamp:
09/21/2016 07:28:01 AM (10 years ago)
Author:
luke7263
Message:

Security fix - accepted requests to connector.php can only come from that hosts

Location:
cysteme-finder/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • cysteme-finder/trunk/cysteme-finder.php

    r1490270 r1499441  
    77Author URI: http://cysteme.fr
    88Tags: gestion,fichier,fichiers,file,files,manager,finder,cysteme,explorer,explorateur,luc,christiany,cloud,partage,partages,share,shares
    9 Version: 1.4
     9Version: 1.5
    1010*/
    1111

  • cysteme-finder/trunk/php/connector.php

    r1490268 r1499441  
    11<?php
     2
     3// For important reasons, that script must check authentication/security stuff itself.
     4// Accepted requests only come from that host
     5$referer = $_SERVER['HTTP_REFERER'];
     6$servername = $_SERVER['SERVER_NAME'];
     7if (strncmp ($referer, "http://$servername/", strlen($servername) + 8) && strncmp ($referer, "https://$servername/", strlen($servername) + 9))
     8{
     9    echo "Cannot be launched that way.";
     10    exit;
     11}
    212
    313session_start();

  • cysteme-finder/trunk/readme.txt

    r1491505 r1499441  
    55Tags: file,manager,finder,drag,drop,ftp,edit,list,thumbnail,view
    66Requires at least: 4.0
    7 Tested up to: 4.6
    8 Stable tag: 4.6
     7Tested up to: 4.6.1
     8Stable tag: 4.6.1
    99License: 3-clauses BSD license, read below
    1010
     
    7272== Change Log ==
    7373
     74= 1.5
     75
     76* Security fix - accepted requests to connector.php can only come from that hosts
     77
    7478= 1.4
    7579
Note: See TracChangeset for help on using the changeset viewer.