Yes, the code has a test for the internal headers to prevent someone
from over-writing them with custom headers in the LSL call. Hmm, no this
has not been well tested, I'll go do that. A minor spelling error in the
strings in that code could allow a custom header to sneak through.
On 11/12/2019 7:35 AM, Fred Beckhusen wrote:
--ooo------/\/\/\-----|(------ooo------/\/\/\-----|(------ooo----
Fred K. Beckhusen
President
Micro Technology Services, Inc.
fre...@mitsi.com
tel: (888) 230-MTSI Toll Free
cel: (469) 951-7635
http://www.mitsi.com
I would think a grid could be be very trustworthy with this patch, as
the headers are set in code. No one but the grid operator can change
them. I am assuming the HTTP_CUSTOM_HEADER does not override these
settings, or can be detected. Has this been tested?
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
_______________________________________________
Opensim-dev mailing list
Opensim-dev@opensimulator.org
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
_______________________________________________
Opensim-dev mailing list
Opensim-dev@opensimulator.org
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
