-const char cgi_rcs[] = "$Id: cgi.c,v 1.168 2017/01/23 13:05:12 fabiankeil Exp $";
+const char cgi_rcs[] = "$Id: cgi.c,v 1.170 2017/01/23 16:12:18 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/cgi.c,v $
{
char *referrer;
static const char alternative_prefix[] = "http://" CGI_SITE_1_HOST "/";
+ const char *trusted_cgi_referrer = csp->config->trusted_cgi_referrer;
referrer = grep_cgi_referrer(csp);
return TRUE;
}
+ else if ((trusted_cgi_referrer != NULL) && (0 == strncmp(referrer,
+ trusted_cgi_referrer, strlen(trusted_cgi_referrer))))
+ {
+ /*
+ * After some more testing this block should be merged with
+ * the previous one or the log level should bedowngraded.
+ */
+ log_error(LOG_LEVEL_INFO, "Granting access to %s based on trusted referrer %s",
+ csp->http->url, referrer);
+
+ return TRUE;
+ }
else
{
/* Untrustworthy referrer */
}
else
{
- string_append(&result, "https://");
+ string_append(&result, "http://");
string_append(&result, CGI_SITE_2_HOST);
string_append(&result, "/user-manual/");
}