[MediaWiki-commits] [Gerrit] Fixed maps referrer header check - change (operations/puppet)

Mon, 07 Mar 2016 18:05:26 -0800 

BBlack has submitted this change and it was merged.

Change subject: Fixed maps referrer header check
......................................................................


Fixed maps referrer header check

Firefox does not send trailing / symbol for referrer.

Bug: T129187
Change-Id: I4e20c458b5bf3dbb8ccefc2ad1e2be525ee65796
---
M templates/varnish/maps-frontend.inc.vcl.erb
1 file changed, 4 insertions(+), 4 deletions(-)

Approvals:
  BBlack: Verified; Looks good to me, approved



diff --git a/templates/varnish/maps-frontend.inc.vcl.erb 
b/templates/varnish/maps-frontend.inc.vcl.erb
index 52fd6e7..0a72093 100644
--- a/templates/varnish/maps-frontend.inc.vcl.erb
+++ b/templates/varnish/maps-frontend.inc.vcl.erb
@@ -5,10 +5,10 @@
 sub cluster_fe_recv {
        if (req.http.referer
                && req.url != "/"
-               && req.http.referer !~ 
"(?i)^https?://([-a-zA-Z0-9.]+\.)?(mediawiki|wikivoyage|wikivoyage-ev|wmflabs|wikidata)\.org/"
-               && req.http.referer !~ 
"(?i)^https?://(maps|phabricator|wikitech|incubator)\.wikimedia\.org/"
-               && req.http.referer !~ 
"(?i)^https?://test2?\.(m\.)?wikipedia\.org/"
-               && req.http.referer !~ 
"(?i)^https?://(localhost|127\.0\.0\.1)(:\d+)?/"
+               && req.http.referer !~ 
"(?i)^https?://([-a-zA-Z0-9.]+\.)?(mediawiki|wikivoyage|wikivoyage-ev|wmflabs|wikidata)\.org(/|$)"
+               && req.http.referer !~ 
"(?i)^https?://(maps|phabricator|wikitech|incubator)\.wikimedia\.org(/|$)"
+               && req.http.referer !~ 
"(?i)^https?://test2?\.(m\.)?wikipedia\.org(/|$)"
+               && req.http.referer !~ 
"(?i)^https?://(localhost|127\.0\.0\.1)(:\d+)?(/|$)"
        ) {
                error 403 "Access Denied";
        }

-- 
To view, visit https://gerrit.wikimedia.org/r/275743
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I4e20c458b5bf3dbb8ccefc2ad1e2be525ee65796
Gerrit-PatchSet: 2
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Yurik <[email protected]>
Gerrit-Reviewer: Alexandros Kosiaris <[email protected]>
Gerrit-Reviewer: BBlack <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to