mirror of
https://github.com/yacy/yacy_search_server.git
synced 2024-09-19 00:01:41 +02:00
fix 756c817b5a
must be applied to all code where a transaction token is generated.
This commit is contained in:
parent
dc6f218520
commit
7830268be1
|
@ -54,9 +54,12 @@ public class ConfigAccounts_p {
|
||||||
final serverObjects prop = new serverObjects();
|
final serverObjects prop = new serverObjects();
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
|
||||||
|
|
||||||
final Switchboard sb = (Switchboard) env;
|
final Switchboard sb = (Switchboard) env;
|
||||||
|
try {
|
||||||
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
UserDB.Entry entry = null;
|
UserDB.Entry entry = null;
|
||||||
|
|
||||||
// admin password
|
// admin password
|
||||||
|
|
|
@ -179,7 +179,11 @@ public class ConfigPortal_p {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
prop.putHTML(SwitchboardConstants.GREETING, sb.getConfig(SwitchboardConstants.GREETING, ""));
|
prop.putHTML(SwitchboardConstants.GREETING, sb.getConfig(SwitchboardConstants.GREETING, ""));
|
||||||
prop.putHTML(SwitchboardConstants.GREETING_HOMEPAGE, sb.getConfig(SwitchboardConstants.GREETING_HOMEPAGE, ""));
|
prop.putHTML(SwitchboardConstants.GREETING_HOMEPAGE, sb.getConfig(SwitchboardConstants.GREETING_HOMEPAGE, ""));
|
||||||
|
|
|
@ -37,6 +37,7 @@ import java.util.List;
|
||||||
|
|
||||||
import net.yacy.cora.protocol.RequestHeader;
|
import net.yacy.cora.protocol.RequestHeader;
|
||||||
import net.yacy.data.TransactionManager;
|
import net.yacy.data.TransactionManager;
|
||||||
|
import net.yacy.search.Switchboard;
|
||||||
import net.yacy.server.serverObjects;
|
import net.yacy.server.serverObjects;
|
||||||
import net.yacy.server.serverSwitch;
|
import net.yacy.server.serverSwitch;
|
||||||
|
|
||||||
|
@ -47,7 +48,11 @@ public class ConfigProperties_p {
|
||||||
final serverObjects prop = new serverObjects();
|
final serverObjects prop = new serverObjects();
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
Switchboard.getSwitchboard().log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
String key = "";
|
String key = "";
|
||||||
String value = "";
|
String value = "";
|
||||||
|
|
|
@ -207,7 +207,11 @@ public class ConfigSearchPage_p {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
prop.putHTML(SwitchboardConstants.GREETING, sb.getConfig(SwitchboardConstants.GREETING, ""));
|
prop.putHTML(SwitchboardConstants.GREETING, sb.getConfig(SwitchboardConstants.GREETING, ""));
|
||||||
prop.putHTML(SwitchboardConstants.GREETING_HOMEPAGE, sb.getConfig(SwitchboardConstants.GREETING_HOMEPAGE, ""));
|
prop.putHTML(SwitchboardConstants.GREETING_HOMEPAGE, sb.getConfig(SwitchboardConstants.GREETING_HOMEPAGE, ""));
|
||||||
|
|
|
@ -56,7 +56,11 @@ public class IndexDeletion_p {
|
||||||
final serverObjects prop = new serverObjects();
|
final serverObjects prop = new serverObjects();
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
final SolrConnector defaultConnector = sb.index.fulltext().getDefaultConnector();
|
final SolrConnector defaultConnector = sb.index.fulltext().getDefaultConnector();
|
||||||
final SolrConnector webgraphConnector = sb.index.fulltext().getWebgraphConnector();
|
final SolrConnector webgraphConnector = sb.index.fulltext().getWebgraphConnector();
|
||||||
|
|
|
@ -182,7 +182,11 @@ public class IndexFederated_p {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
// show solr host table
|
// show solr host table
|
||||||
if (!sb.index.fulltext().connectedRemoteSolr()) {
|
if (!sb.index.fulltext().connectedRemoteSolr()) {
|
||||||
|
|
|
@ -60,7 +60,11 @@ public class PerformanceQueues_p {
|
||||||
File defaultSettingsFile = new File(sb.getAppPath(), "defaults/yacy.init");
|
File defaultSettingsFile = new File(sb.getAppPath(), "defaults/yacy.init");
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
// get segment
|
// get segment
|
||||||
final Segment indexSegment = sb.index;
|
final Segment indexSegment = sb.index;
|
||||||
|
|
|
@ -49,7 +49,11 @@ public class SearchAccessRate_p {
|
||||||
final serverObjects prop = new serverObjects();
|
final serverObjects prop = new serverObjects();
|
||||||
|
|
||||||
/* Acquire a transaction token for the next POST form submission */
|
/* Acquire a transaction token for the next POST form submission */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
sb.log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
|
|
||||||
if (post != null) {
|
if (post != null) {
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -52,7 +52,11 @@ public class Steering {
|
||||||
if(ss != null && ((Switchboard) ss).verifyAuthentication(header)) {
|
if(ss != null && ((Switchboard) ss).verifyAuthentication(header)) {
|
||||||
/* YaCyDefaultServlet will detect it and then also fill the custom HTTP response header used by the JavaScript shutdown and restart actions
|
/* YaCyDefaultServlet will detect it and then also fill the custom HTTP response header used by the JavaScript shutdown and restart actions
|
||||||
* or any external API requesting tool */
|
* or any external API requesting tool */
|
||||||
|
try {
|
||||||
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put(TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
|
} catch (IllegalArgumentException e) {
|
||||||
|
((Switchboard) ss).log.fine("access by unauthorized or unknown user: no transaction token delivered");
|
||||||
|
}
|
||||||
/* Also add to the Steering.html page info block for eventual display of this page without parameter */
|
/* Also add to the Steering.html page info block for eventual display of this page without parameter */
|
||||||
prop.put("info_" + TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
prop.put("info_" + TransactionManager.TRANSACTION_TOKEN_PARAM, TransactionManager.getTransactionToken(header));
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user