New Message: Re: Cannot render because of #security
webmaster at userland.com
webmaster at userland.com
Wed Apr 23 17:14:55 PDT 2003
A new message was posted:
Address: http://frontier.userland.com/discuss/msgReader$11728
By: Mark Gillingham (markgill at greatbooks.org)
local (pta = parentof (requestheaders)); // Original Script sometimes fails
´local (pta = @parentof (requestHeaders)^)
´local (pta = html.setPageTableAddress(@parentOf(requestHeaders)^))
temp.pageTableAddresses = pta^.requestHeaders;
local (referer );
local (URL );
local \{
trustedDomain="my.domain.com";
trustedIP="123.456.789.0"};
URL=string.lower (uri);
if URL endswith "/login" or URL endswith "/signup" \{ ´anyone can login
return;
};
try \{ ´if cookie says trusted domain, you're free to roam
if pta^.requestHeaders.Cookies.originalEntry=="mail" \{
log.addToGuestdatabase ("Intranet: Cookie set", pta^.requestHeaders.Cookies.originalEntry);
return}};
try \{ ´if cookie is intranetManilaWebsite, then you must be logged in already
if pta^.requestHeaders.Cookies.intranetmanilawebsite \{
log.addToGuestdatabase ("Intranet: Logged In", pta^.requestHeaders.Cookies.intranetmanilawebsite);
return}};
if defined (pta^.requestHeaders.referer) \{ ´check for trusted domain, either set a cookie and continue or send to login
referer = string.lower(pta^.requestHeaders.referer);
if referer contains trustedDomain or referer contains trustedIP \{
webserver.util.setCookie (pta, "originalEntry", "mail"); ´record trusted domain status
log.addToGuestdatabase ("Intranet: Trusted Domain", trustedDomain);
return;
}
else \{
´scripterror("not a trusted domain")
log.addToGuestdatabase ("Intranet: Not Trusted", pta^.requestHeaders.referer);
scripterror("!redirect member/login")};
}
else \{
´scripterror("no referer")
scripterror("!redirect member/login")};
This is a Manila site.. http://manila.userland.com/.
More information about the Frontier-Server
mailing list