[LON-CAPA-cvs] cvs: loncom / lontrans.pm
raeburn
raeburn at source.lon-capa.org
Sun Aug 8 16:51:33 EDT 2021
raeburn Sun Aug 8 20:51:33 2021 EDT
Modified files:
/loncom lontrans.pm
Log:
- Bug 6914. Running LON-CAPA behind web application firewall/reverse proxy (WAF)
- Requests for /adm/lti/* and /adm/launch/* should not be redirected to an
alias (if in use).
- Requests for /adm/dns/* from other nodes in the network do not require
to an alias (if in use).
Index: loncom/lontrans.pm
diff -u loncom/lontrans.pm:1.33 loncom/lontrans.pm:1.34
--- loncom/lontrans.pm:1.33 Sat Jul 17 21:48:27 2021
+++ loncom/lontrans.pm Sun Aug 8 20:51:33 2021
@@ -1,7 +1,7 @@
# The LearningOnline Network
# URL translation for User Files
#
-# $Id: lontrans.pm,v 1.33 2021/07/17 21:48:27 raeburn Exp $
+# $Id: lontrans.pm,v 1.34 2021/08/08 20:51:33 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -67,7 +67,8 @@
my ($redirect,$remote_ip);
if ($hdrhost eq $alias) {
$remote_ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP);
- if ($vpnext && &Apache::lonnet::ip_match($remote_ip,$vpnext)) {
+ if (($vpnext && &Apache::lonnet::ip_match($remote_ip,$vpnext)) &&
+ ($r->uri !~ m{^/adm/(lti|launch)/})) {
$redirect = $hostname;
if ($redirect eq $hdrhost) {
undef($redirect);
@@ -77,9 +78,10 @@
$remote_ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP,1);
unless (($remote_ip eq '127.0.0.1') || ($remote_ip eq '::1') ||
($remote_ip eq &Apache::lonnet::get_host_ip($lonhost)) ||
+ ($r->uri=~m{^/adm/(lti|launch)/}) ||
($vpnint && &Apache::lonnet::ip_match($remote_ip,$vpnint))) {
$redirect = $alias;
- if (($r->uri=~m{^/raw/}) || ($r->uri=~m{^/adm/dns/(hosts|domain)$})) {
+ if (($r->uri=~m{^/raw/}) || ($r->uri=~m{^/adm/dns/})) {
my %iphost = &Apache::lonnet::get_iphost();
if (exists($iphost{$remote_ip})) {
undef($redirect);
More information about the LON-CAPA-cvs
mailing list