Author: toad
Date: 2007-05-10 20:33:56 +0000 (Thu, 10 May 2007)
New Revision: 13214
Modified:
trunk/freenet/src/freenet/clients/http/PproxyToadlet.java
Log:
Really disallow plugin access to non-fullAccess (long term, we will revisit
this)
Modified: trunk/freenet/src/freenet/clients/http/PproxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2007-05-10
19:50:06 UTC (rev 13213)
+++ trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2007-05-10
20:33:56 UTC (rev 13214)
@@ -48,6 +48,11 @@
return;
}
+ if(!ctx.isAllowedFullAccess()) {
+ super.sendErrorPage(ctx, 403, "Unauthorized",
l10n("unauthorized"));
+ return;
+ }
+
String path=request.getPath();
// remove leading / and plugins/ from path
@@ -103,11 +108,6 @@
else
{
- if(!ctx.isAllowedFullAccess()) {
- super.sendErrorPage(ctx, 403, "Unauthorized",
"You are not permitted access to this page");
- return;
- }
-
if (request.isPartSet("load")) {
if(Logger.shouldLog(Logger.MINOR, this))
Logger.minor(this, "Loading "+request.getPartAsString("load",
MAX_PLUGIN_NAME_LENGTH));
pm.startPlugin(request.getPartAsString("load",
MAX_PLUGIN_NAME_LENGTH), true);
