This is an automated email from the ASF dual-hosted git repository.
snoopdave pushed a commit to branch roller-6.0.x
in repository https://gitbox.apache.org/repos/asf/roller.git
commit b013c744161dd423ccd9b4f1e4d2f82e0d8bbd2e
Author: David M. Johnson <snoopd...@apache.org>
AuthorDate: Sun Jul 18 16:24:18 2021 -0400
Cherry pick referrer fix.
---
.../roller/weblogger/ui/rendering/servlets/PageServlet.java | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git
a/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/PageServlet.java
b/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/PageServlet.java
index bffffb9..8f3a7b9 100644
---
a/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/PageServlet.java
+++
b/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/PageServlet.java
@@ -620,8 +620,6 @@ public class PageServlet extends HttpServlet {
}
String requestUrl = reqsb.toString();
- log.debug("referrer = " + referrerUrl);
-
// if this came from persons own blog then don't process it
String selfSiteFragment = "/" + pageRequest.getWeblogHandle();
if (referrerUrl != null && referrerUrl.contains(selfSiteFragment)) {
@@ -657,10 +655,9 @@ public class PageServlet extends HttpServlet {
}
String requestSite = requestUrl.substring(0, lastSlash);
- if (!referrerUrl.matches(requestSite + ".*\\.rol.*") &&
-
BlacklistChecker.checkReferrer(pageRequest.getWeblog(), referrerUrl)) {
- return true;
- }
+ return !(referrerUrl.startsWith(requestSite)
+ && referrerUrl.indexOf(".rol") >= requestSite.length())
+ &&
BlacklistChecker.checkReferrer(pageRequest.getWeblog(), referrerUrl);
}
} else {
log.debug("Ignoring referer = " + referrerUrl);
