svn commit: samba r20723 - in branches/SAMBA_4_0: source/web_server webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote

derrell at samba.org derrell at samba.org
Sat Jan 13 02:27:55 GMT 2007


Author: derrell
Date: 2007-01-13 02:27:54 +0000 (Sat, 13 Jan 2007)
New Revision: 20723

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=20723

Log:
Web Application Framework

- Clearly no one has ever tried to obtain the Referer from the web server
  before. :-)

- Send the Referer from the web application, in preparation for later security
  updates.  (These updates are not immediately necessary, as ScriptTransport
  is disabled and we check the content type on XmlHttpTransport.  This isn't
  anything to worry about.)

Modified:
   branches/SAMBA_4_0/source/web_server/http.c
   branches/SAMBA_4_0/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js


Changeset:
Modified: branches/SAMBA_4_0/source/web_server/http.c
===================================================================
--- branches/SAMBA_4_0/source/web_server/http.c	2007-01-13 02:13:45 UTC (rev 20722)
+++ branches/SAMBA_4_0/source/web_server/http.c	2007-01-13 02:27:54 UTC (rev 20723)
@@ -456,7 +456,7 @@
 	}
 	SETVAR(ESP_REQUEST_OBJ, "COOKIE_SUPPORT", web->input.cookie?"True":"False");
 
-	SETVAR(ESP_HEADERS_OBJ, "HTT_REFERER", web->input.referer);
+	SETVAR(ESP_HEADERS_OBJ, "HTTP_REFERER", web->input.referer);
 	SETVAR(ESP_HEADERS_OBJ, "HOST", web->input.host);
 	SETVAR(ESP_HEADERS_OBJ, "ACCEPT_ENCODING", web->input.accept_encoding);
 	SETVAR(ESP_HEADERS_OBJ, "ACCEPT_LANGUAGE", web->input.accept_language);

Modified: branches/SAMBA_4_0/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js
===================================================================
--- branches/SAMBA_4_0/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js	2007-01-13 02:13:45 UTC (rev 20722)
+++ branches/SAMBA_4_0/webapps/qooxdoo-0.6.3-sdk/frontend/framework/source/class/qx/io/remote/XmlHttpTransport.js	2007-01-13 02:27:54 UTC (rev 20723)
@@ -310,9 +310,12 @@
 
 
   // --------------------------------------
-  //   Appliying request header
+  //   Applying request header
   // --------------------------------------
 
+  // Add a Referer header
+  vRequest.setRequestHeader('Referer', window.location.href);
+
   var vRequestHeaders = this.getRequestHeaders();
   for (var vId in vRequestHeaders) {
     vRequest.setRequestHeader(vId, vRequestHeaders[vId]);



More information about the samba-cvs mailing list