added a redirect safety marker to stop processing at some limit
authorhelge <helge@e4a50df8-12e2-0310-a44c-efbce7f8a7e3>
Mon, 14 Feb 2005 13:37:08 +0000 (13:37 +0000)
committerhelge <helge@e4a50df8-12e2-0310-a44c-efbce7f8a7e3>
Mon, 14 Feb 2005 13:37:08 +0000 (13:37 +0000)
git-svn-id: http://svn.opengroupware.org/SOPE/trunk@558 e4a50df8-12e2-0310-a44c-efbce7f8a7e3

sope-appserver/NGObjWeb/ChangeLog
sope-appserver/NGObjWeb/Defaults.plist
sope-appserver/NGObjWeb/SoObjects/SoObjectRequestHandler.m
sope-mime/NGImap4/EOQualifier+IMAPAdditions.m

index 833309e1eb7c5ef390f9350b7800da6defe445d1..e17de4cb23d7b25f71b9e5315240792690c2cbe8 100644 (file)
@@ -1,3 +1,9 @@
+2005-02-14  Helge Hess  <helge.hess@opengroupware.org>
+
+       * SoObjects/SoObjectRequestHandler.m: added a safety limit on the URL
+         to avoid excessive redirects to view URLs, the "stop suffix" can be
+         configured using the 'WORedirectURISafetySuffix' default (v4.5.115)
+
 2005-02-12  Helge Hess  <helge.hess@opengroupware.org>
 
        * DynamicElements/WOxHTMLElemBuilder.m: create a WOGenericElement
index 3101370be1024594e5819aca8552df1bd88cfae5..1b236d5a40d6dbb8013c5df9c3764e768676884c 100644 (file)
   WOProfileLoading                      = NO;
   WOProfileResponse                     = NO;
   WOProjectSearchPath                   = ();
+  WORedirectURISafetySuffix             = "/view/view/view/view";
   WOResourceRequestHandlerKey           = "y";
   WOResourceURLAssociationDebugEnabled  = NO;
   WORunMultithreaded                    = NO;
index 7b9b46826d40635a435c42fa61b449bc08112048..57727f7f80bfef694631349334131b3b786c8828 100644 (file)
@@ -56,24 +56,30 @@ static BOOL disableZLHack = NO;
 static Class WOTemplateClass = Nil;
 static NSString *rapidTurnAroundPath = nil;
 
+static NSString *redirectURISafetySuffix = nil;
+
 + (int)version {
   return [super version] + 0 /* 2 */;
 }
 + (void)initialize {
   static BOOL didInit = NO;
-  if (!didInit) {
-    NSUserDefaults *ud = [NSUserDefaults standardUserDefaults];
-    didInit = YES;
-    NSAssert2([super version] == 2,
-             @"invalid superclass (%@) version %i !",
-             NSStringFromClass([self superclass]), [super version]);
-    debugOn       = [ud boolForKey:@"SoObjectRequestHandlerDebugEnabled"];
-    debugRulesOn  = [ud boolForKey:@"SoObjectRequestHandlerRulesDebugEnabled"];
-    disableZLHack = [ud boolForKey:@"DisableZideLookHack"];
-
-    WOTemplateClass     = [WOTemplate class];
-    rapidTurnAroundPath = [[ud stringForKey:@"WOProjectDirectory"] copy];    
-  }
+  NSUserDefaults *ud = [NSUserDefaults standardUserDefaults];
+  if (didInit)
+    return;
+  
+  didInit = YES;
+  NSAssert2([super version] == 2,
+           @"invalid superclass (%@) version %i !",
+           NSStringFromClass([self superclass]), [super version]);
+  debugOn       = [ud boolForKey:@"SoObjectRequestHandlerDebugEnabled"];
+  debugRulesOn  = [ud boolForKey:@"SoObjectRequestHandlerRulesDebugEnabled"];
+  disableZLHack = [ud boolForKey:@"DisableZideLookHack"];
+
+  WOTemplateClass     = [WOTemplate class];
+  rapidTurnAroundPath = [[ud stringForKey:@"WOProjectDirectory"] copy];    
+  
+  redirectURISafetySuffix = 
+    [[ud stringForKey:@"WORedirectURISafetySuffix"] copy];
 }
 
 - (id)init {
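Review bot: `redirectURISafetySuffix` is stored exactly as read, with no check that the default is present and non-empty, and the hunk at line 499 passes it straight to `hasSuffix:`. If Defaults.plist is not registered, or an operator sets the key to an empty string, the result of `hasSuffix:` with a nil or empty argument depends on the Foundation implementation in use, so the check could be silently disabled, raise, or reject every request. Guarding the use site makes the unset case explicit: `if ([redirectURISafetySuffix length] > 0 && [[_rq uri] hasSuffix:redirectURISafetySuffix]) {`. A short comment on the static would also help, for example `/* URI suffix at which request processing is refused (WORedirectURISafetySuffix default) */`.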
@@ -209,7 +215,7 @@ static NSString *rapidTurnAroundPath = nil;
 }
 
 - (NSArray *)traversalPathFromRequest:(WORequest *)_rq {
-  static NSArray *rqKeys = nil;
+  static NSArray *rqKeys = nil; /* cache of request handlers */
   NSMutableArray *traversalPath;
   unsigned i, count;
   NSString *m;
@@ -285,7 +291,7 @@ static NSString *rapidTurnAroundPath = nil;
 - (id)rootObjectForRequest:(WORequest *)_rq inContext:(WOContext *)_ctx {
   id object;
   
-  if (self->rootObject)
+  if (self->rootObject != nil)
     return self->rootObject;
     
   if ((object = [_ctx application]) == nil)
@@ -493,6 +499,27 @@ static NSString *rapidTurnAroundPath = nil;
     if (_sn) [self debugWithFormat:@"session 0x%08X: %@", _sn, _sn];
   }
   
+  /* first check safety marker */
+  
+  if ([[_rq uri] hasSuffix:redirectURISafetySuffix]) {
+#if 0 // does not work => znek's logging framework
+    [self logWithFormat:
+           @"ERROR: stopping processing because redirect safety suffix was "
+           @"reached:\n  uri=%@\n  suffix=%@\n",
+           [_rq uri], redirectURISafetySuffix];
+#else
+    NSLog(@"ERROR: stopping processing because redirect safety suffix was "
+         @"reached:\n  uri=%@\n  suffix=%@\n",
+         [_rq uri], redirectURISafetySuffix);
+#endif
+    
+    r = [_ctx response];
+    [r setStatus:403 /* Forbidden */];
+    [r appendContentString:
+        @"Request forbidden, a server side safety limit was reached."];
+    return r;
+  }
+  
   /* setup rule context */
   
   [self->dispatcherRules reset];
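Review bot: The safety check compares the suffix against `[_rq uri]` as a whole, so if that value carries a query string or a trailing slash (not visible in this hunk), a redirect loop whose URLs end in `?...` never matches and the limit does not trigger. Comparing only the path part would close that gap: take `NSString *uri = [_rq uri];`, then `NSRange q = [uri rangeOfString:@"?"]; if (q.length > 0) uri = [uri substringToIndex:q.location];` before the `hasSuffix:` test. The `NSLog` call also writes the client-supplied URI verbatim at ERROR level on every matching request, and any client can send a URL ending in the suffix, so the logged value should have control characters escaped and the message should be rate-limited or demoted. The enclosing method starts and ends outside the hunk.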
index 9563b221f71a01946ed73e46570db8ce1ff5cad7..87b86e4470cd3792e69d40a2ece0a293068fa193 100644 (file)
@@ -247,6 +247,8 @@ static void _initImap4SearchCategory(void) {
   
   lvalue    = [self value];
   lselector = [self selector];
+
+  // TODO: add support for <> qualifier? (seen => unseen)
       
   if (sel_eq(lselector, EOQualifierOperatorEqual)) {
     lvalue = [NSArray arrayWithObject:lvalue];